lucia1
03-28-2010, 06:12 PM
XOOPS 2.4.4
Apache 2.0
Due to security considerations, I need to move two folders, xoops_data and xoops_lib, out of my Xoops 2.4.4 documentroot folder. I am able to move the folders out of the documentroot folder, but after changing the path in mainfile.php, I get php errors indicating that the folders cannot be located.
If I improperly edited the paths in mainfile.php, this could be the issue. However, I checked the paths in mainfile.php and they appear to be correct.
It was mentioned that even if control panel lets me create the folders, the paths may need to be added to an Apache list called 'Open basedir' which controls access to files outside the web root. If this is the case, how do I get to the Apache list to modify it?
If I donot have the option to take the folders out of the root folder, then the work around is to use CHMOD "444," and leave the folders in their current location. Is this a reasonable option? I have a dedicated IP address and an SSL certificate installed. I will need to write an .htaccess file to deny direct access. Can someone provide me some ideas about writing an .htaccess file?
Apache 2.0
Due to security considerations, I need to move two folders, xoops_data and xoops_lib, out of my Xoops 2.4.4 documentroot folder. I am able to move the folders out of the documentroot folder, but after changing the path in mainfile.php, I get php errors indicating that the folders cannot be located.
If I improperly edited the paths in mainfile.php, this could be the issue. However, I checked the paths in mainfile.php and they appear to be correct.
It was mentioned that even if control panel lets me create the folders, the paths may need to be added to an Apache list called 'Open basedir' which controls access to files outside the web root. If this is the case, how do I get to the Apache list to modify it?
If I donot have the option to take the folders out of the root folder, then the work around is to use CHMOD "444," and leave the folders in their current location. Is this a reasonable option? I have a dedicated IP address and an SSL certificate installed. I will need to write an .htaccess file to deny direct access. Can someone provide me some ideas about writing an .htaccess file?