| Author |
Message |
Daniel
Team Member
Joined: 06 Jan 2002
Posts: 2564
|
 Posted:
Mon Mar 18, 2002 8:28 pm (22 years, 1 month ago) |
  |
|
    |
|
Justin
4WebHelp Addict
Joined: 07 Jan 2002
Posts: 1060
|
| Posted:
Mon Mar 18, 2002 9:02 pm (22 years, 1 month ago) |
|
Sounds nasty, I presume RC-4 will be out later, I am on RC-2, and wasn't planning on upgrading until the final version, but this pretty much changes that  |
|
|
 |
|
Daniel
Team Member
Joined: 06 Jan 2002
Posts: 2564
|
| Posted:
Tue Mar 19, 2002 7:11 am (22 years, 1 month ago) |
|
You could always make the recommended changes and not upgrade... That's what I did. |
________________________________
 |
|
|
|
szo2
Junior WebHelper
Joined: 10 Jan 2002
Posts: 18
Location: Hong Kong
|
| Posted:
Tue Mar 19, 2002 9:17 am (22 years, 1 month ago) |
|
Can't you just use .htaccess and deny all http access to the dir includes? |
|
|
|
|
Daniel
Team Member
Joined: 06 Jan 2002
Posts: 2564
|
| Posted:
Tue Mar 19, 2002 5:22 pm (22 years, 1 month ago) |
|
I guess you could. I would still apply the recommended changes just in case though... |
________________________________
|
|
|
|
Justin
4WebHelp Addict
Joined: 07 Jan 2002
Posts: 1060
|
| Posted:
Tue Mar 19, 2002 6:26 pm (22 years, 1 month ago) |
|
Any rough ideas when they plan on releasing RC-4, I have a few clients that need a bulletin board installed, I was supposed to do it yesterday but I heard this so I told them to wait for RC-4 to come out then I would Install the script for them.
Only thing is I kinda hope it's soon or they get their script installs half price!  |
|
|
|
|
Daniel
Team Member
Joined: 06 Jan 2002
Posts: 2564
|
| Posted:
Tue Mar 19, 2002 6:28 pm (22 years, 1 month ago) |
|
Why don't you just install it, and make the recommended changes? You could also use htaccess to protect the includes directory, as recommended above. |
________________________________
|
|
|
|
Justin
4WebHelp Addict
Joined: 07 Jan 2002
Posts: 1060
|
| Posted:
Tue Mar 19, 2002 6:43 pm (22 years, 1 month ago) |
|
The Customer is using Microsoft FrontPage based uploads, which requires the fact that we can't upload a .htaccess file, and the customer specifically requested that he wishess to wait until the RC-4 comes out, because there are rumours that there are a few more minor security flaws that will be fixed in the new release.
Just wish it would come out soon, was supposed to be last night! |
|
|
|
|
Daniel
Team Member
Joined: 06 Jan 2002
Posts: 2564
|
| Posted:
Tue Mar 19, 2002 6:46 pm (22 years, 1 month ago) |
|
I wouldn't give the customer a discount for being late if they specifically requested you not install RC3... |
________________________________
|
|
|
|
Justin
4WebHelp Addict
Joined: 07 Jan 2002
Posts: 1060
|
| Posted:
Tue Mar 19, 2002 6:51 pm (22 years, 1 month ago) |
|
I wouldn't normally either, but as we're new, we have to build up a reputation, although when you have a large number of emails coming a day, it can get you down a bit. Good Customer services though, can do us no harm  . |
|
|
|
|
Daniel
Team Member
Joined: 06 Jan 2002
Posts: 2564
|
| Posted:
Wed Mar 20, 2002 7:51 pm (22 years, 1 month ago) |
|
|
|
|
|
|
