hiding configuration.php gives forum problem
-
-
- Pim
- Rocketeer
- Posts: 89
- Thanks: 0
-
I have a question about a combination of security, phpBB3 and RokBridge.
I'm running Joomla 1.5.15 with phpBB3 (3.0.7), RokBridge (in bridge mode), RokBB3 and RokNaveMenu Exporter; also K2 and JomSocial and RS Firewall. I installed the last version of all the extensions.
I read a security article on www.rsjoomla.con which says the following
Step 1 : Move configuration.php to a safe directory outside of public_html.
Step 2: You will have to modify the /includes/defines.php and /administrator/includes/defines.php files, more precisely, this constant: define( 'JPATH_CONFIGURATION', JPATH_ROOT );
If, for example you wish to move the file up one level and into a folder named "test" the constant will look like this: define( 'JPATH_CONFIGURATION', JPATH_ROOT.DS.'..'.DS.'test' );
Step 3: Make sure the configuration.php is not writable at all, so that it can not be overridden by com_config.
Step 4: If you need to change configuration settings, do it manually in the relocated configuration.php.
I followed the instructions and it's working great for the normal Joomla website.
The forum however doesn't work anymore. The link of the menu-item which points to the forum is via the bridge set to: index.php?option=com_rokbridge
When the configuration.php is removed outside the root, it can't be found by phpBB3, which results in a redirection to the frontpage (?index.php).
I don't know which file is responsible that needs to find that configuration.php. Maybe it's the config.php that can't find the configuration.php.
To solve this issue I changed the link that points to the forum to an external link ( www.mysite.com/distribution/ ) instead of the bridged internal link.
This seems to work, but I'm worried that it causes other problems because of not using the bridge.
Who can advise me?
-
Time to create page: 0.072 seconds