Loader

Knowledgebase

Further Security Steps Last Modified: 2014-09-25


Views : 3642 Print Article

Move the downloads & templates_c folders

The 2 folders "downloads" and "templates_c" need to be writable by Dhru Fusion and therefore require the permissions 777 (writable by all). When folders have this permission level it is safer to place the folders outside of the public accessible folder tree on your website. Dhru Fusion allows you to do this. If you do move the folders, then you must tell to Dhru Fusion where they have been moved to by update Settings -> Security "Template Compiler Path" and "Downlaod Directory Path" :

Template Compiler Path = "../templates_c/";
Downlaod Directory Path = "../download/";

In the above example, above public_html folder with cPanel.

Note that if you are running suphp or phpsuexec you should not make the mode changes as the folders will already be writeable. In fact, you cannot set folder or file permissions to be 777 when running suphp or phpsuexec - the highest permissions are 755 for both folders and files.

 

 

Change your Admin Folder name

Malicious users who visit your site and recognize a Dhru Fusion install will know that they can try logging into your admin area via the admin folder. To protect against this, you can rename the admin folder name to any name you like. You cannot move the folder - only rename it. You can then tell Dhru Fusion what the name of that folder is for the links in admin notification emails by adding the following line to your /configs/config.php file:

#$customadminpath = "";

Remove # and Replace "" with "your admin folder" above with the new name you just gave to your admin folder. (e.g. $customadminpath = "MyAdmin";)

 

Protect config config file

if you are using shared hosting environment, Suggest you to change config/config.php permission to 600

 

Restrict Access by IP

You can add more protection to your admin area by restricting access to a specific IPs Or IP Range. This is done by go Settings > Security Settings > Admin Allowed IP

for e.g. your static ip is "11.11.11.11"
Admin Allowed IP = 11.11.11.11

if you want use from 2 static ip 
Admin Allowed IP = 11.11.11.11 22.22.22.22
if you want add IP Range like 33.33.*.*
Admin Allowed IP = 11.11.11.11 22.22.22.22 33.33.0.0/16

if you got any problem in add ip and you lost your admin access , you can got back by just remove .htaccess file in your admin folder .









Google+ RSS
Google Post



© Sanvi Software Ptv Ltd 2016 | Dhru™ | Smart Lifestyle™ | Dhru Cloud™

Privacy Policy | TOC

Go to TopBack to Top