After some troubles, I got soupermail running! I had several issues though the biggest one was solved by creating a symlink: ln -s /usr/sbin/sendmail /usr/lib/sendmail.
I'm running FreeBSD 6.1-RELEASE-p8.
Now I'm trying to patch up any possible security holes. I've tried placing a .htaccess file in the /usr/home/rxmanage/www/ folder that contained the *.con files using this:
<Files ~ "^.*\.con$">
Order allow,deny
Deny from all
</Files>
That works though it I'm afraid that a tenacious person could break through .htaccess files with some effort. So, I decided to place all the config files, and template files outside my Web root using:
$privateRoot = "/usr/home/rxmanage/configfiles";
and the tilde prefix in the *.html files like this:
The forms work alright except when it needs to write to any file that resides in my $privateroot, i.e.
fatal (Can not write to fileto of: /usr/home/rxmanage/configfiles/counters/guestbook.htm)
Is it a permission issue, i.e. CHMOD 755 the privateroot? Any suggestions? Is "outside my web root" under or over my web "www" directory? Maybe I'm a bit cockeyed today.
For example, do they mean this:
/usr/home/rxmanage/configfiles/
or this:
/usr/home/rxmanage/www/configfiles/
Any insight would be appreciate. GREAT app!
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi dpaule,
"The forms work alright except when it needs to write to any file that resides in my $privateroot, i.e.
fatal (Can not write to fileto of: /usr/home/rxmanage/configfiles/counters/guestbook.htm)
Is it a permission issue, i.e. CHMOD 755 the privateroot? Any suggestions?"
Yeah, is definitely permissions.
"Is "outside my web root" under or over my web "www" directory? Maybe I'm a bit cockeyed today.
For example, do they mean this:
/usr/home/rxmanage/configfiles/
or this:
/usr/home/rxmanage/www/configfiles/ "
Doesn't really matter where you put it so long as you have the path set correctly and can assign permissions ... /usr/home/rxmanage/configfiles/ is preferable as then they should not be browsable.
Bob
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
After some troubles, I got soupermail running! I had several issues though the biggest one was solved by creating a symlink: ln -s /usr/sbin/sendmail /usr/lib/sendmail.
I'm running FreeBSD 6.1-RELEASE-p8.
Now I'm trying to patch up any possible security holes. I've tried placing a .htaccess file in the /usr/home/rxmanage/www/ folder that contained the *.con files using this:
<Files ~ "^.*\.con$">
Order allow,deny
Deny from all
</Files>
That works though it I'm afraid that a tenacious person could break through .htaccess files with some effort. So, I decided to place all the config files, and template files outside my Web root using:
$privateRoot = "/usr/home/rxmanage/configfiles";
and the tilde prefix in the *.html files like this:
<input type="hidden" name="SoupermailConf" value="~ foo.con">
The forms work alright except when it needs to write to any file that resides in my $privateroot, i.e.
fatal (Can not write to fileto of: /usr/home/rxmanage/configfiles/counters/guestbook.htm)
Is it a permission issue, i.e. CHMOD 755 the privateroot? Any suggestions? Is "outside my web root" under or over my web "www" directory? Maybe I'm a bit cockeyed today.
For example, do they mean this:
/usr/home/rxmanage/configfiles/
or this:
/usr/home/rxmanage/www/configfiles/
Any insight would be appreciate. GREAT app!
Hi dpaule,
"The forms work alright except when it needs to write to any file that resides in my $privateroot, i.e.
fatal (Can not write to fileto of: /usr/home/rxmanage/configfiles/counters/guestbook.htm)
Is it a permission issue, i.e. CHMOD 755 the privateroot? Any suggestions?"
Yeah, is definitely permissions.
"Is "outside my web root" under or over my web "www" directory? Maybe I'm a bit cockeyed today.
For example, do they mean this:
/usr/home/rxmanage/configfiles/
or this:
/usr/home/rxmanage/www/configfiles/ "
Doesn't really matter where you put it so long as you have the path set correctly and can assign permissions ... /usr/home/rxmanage/configfiles/ is preferable as then they should not be browsable.
Bob
It was a permissions issues. I appreciate your clarification. Thanks for your response!