HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


Hi and some questions

Login / Search

 [ Join | More ]
 Add topic 
Posted
Rating:
#104247 (In Topic #20368)
Avatar

Fan in action

New user gauging the system and whats going on.

Hi all,

The last few days/weeks I have been looking for a system to meet my needs and this seems to mostly fit so to say.

I do have some questions about this project and where it's likely to head etc as well I ran into a small error on a test setup which Is something that should be changed with oc due to security.

But firstly here is what I'm looking at doing and some stuff.

I'm hoping to create a specialised help and support community for people into cosplay, anime etc who have social issues, anxiety, depression etc to try to encourage and support them and also so they can to meet others with similar interests and situations, as I'm seeing a lot of people like this.  I myself am such a person.

The site I plan is planned will different things, mainly news, forums, chat, personal blogs and imageboards.

The access levels will be as follows:
Forums will be open to members posting guests reading
News will be staff only to post everyone reading
Blogs will be on a privileged user group for those members that ask and want to do this. reading may be on per user request to be public/members to their blog.
Chat will be members only to chat everyone read or members unsure.
Imageboards will be publicly hidden, with member only access via cookie and htaccess if doable, everything will be stand alone and anonymous with just restricted access into it.

I have looked at various software and to see about support and compatibilities between them without much success. As user plugins are either outdated which have been abandoned seems to happen a lot or software lacks basic features.  Also there are no bridges between packages I would need.
Also other software that would be suitable is expensive, costing monthly fees and thats not really an option for a community support site.

So I stumbled upon this which seems to have everything I would like, apart from imageboards in one area but I'll get to that below. The admin area does a bit complex and not as friendly as wordpress and forum management for example, im sure its just getting used to it.

My requirements are pretty much that it must look modern for the main site, has all the features backend I need and be supported and intergrated with each other.

So one of the reasons I posted is to find out the long term support for this CMS, I want it to last say 5 years or so and be upgradable and fulfill my needs.  I have noticed that this has a lack of following with users and stuff, as most people use other software to run sites.

It appears mybb connector is a bit outdated it seems, I don't know about SMF or phpbb, as I was hoping to use a proper forum and connect to that but don't know the best to choose mby you guys can input into this.

The other thing is imageboard now I know I can't integrate that and thats fine. what I would like to do is use the login cookie token to control htaccess or something and allow or deny access based on that. but thats another topic to properly ask for help on once I get to that stage.

I did come into 1 error with OCPortal that was with short URL's I could not get them to work for some reason I got a error even using the recommended .htaccess and editing a variable below shortlinks wouldn't work.

I think it could have been to the htaccess using Options +FollowSymLinks from my understanding and the discussions going on is that this variable poses a security risk which is starting to be disabled on servers and software and one should use Options +SymLinksIfOwnerMatch instead.
I run web hosting software on my linux server called Virtualmin which has that original variable blocked for security reasons.

I can if wanted post this error in a relevant error I don't expect it fixed here etc as this is not a support board and this is mainly a hello post and me telling you guys about my own plans and so far with what I have found.

Also while typing this its a little annoying not having right click in the wysiwyg editor the one with most forums and wordpress etc allow right clicking on spelling errors etc which I make a lot and correct.

Overall I'm finding this seems like the software for me but a bit concerned about life and support of this etc.
Back to the top
 
Posted
Rating:
#104248
Avatar

Hi :),

So one of the reasons I posted is to find out the long term support for this CMS, I want it to last say 5 years or so and be upgradable and fulfill my needs.

We're not going anywhere. Well, we're going somewhere in that we're moving forward ;). Things are a bit bogged down right now, as my team have a tonne of projects on, and our v10 release is going to be huge but not yet finished (probably our biggest ever release). Things are going to be be very very different once v10 is out.

I have noticed that this has a lack of following with users and stuff, as most people use other software to run sites.

Mmm, we do tend to be largely ignored by the wider CMS and forum communities. A lot of it may be circular – "I don't want to use something that not as many people use as this thing". That's self-fulfilling. We tend to be a bit drowned out in the high volume around the really big systems. Maybe also we are more of a niche, as most people either want simple/standard sites (well, very simply admin UIs that consequentially can't do much either), or will pay a company lots of money to make something from a PHP framework.

Regardless, we're doing fine. My company does work for a number of multi-nationals and is the backbone of a number of startups – and a lot of this is ocPortal-based.

It appears mybb connector is a bit outdated it seems

I'm not sure anyone really opted to use it. Originally we implemented forum drivers for all the good and/or popular forums, and MyBB was good but not very popular at the time. It really ties into the above – if we had dozens of MyBB users turning up and using our integration, we'd be more motivated to keep it up-to-date – but otherwise the ball is in their park really. Has to be a two-way street with these integrations ;).

That said, I would say it is probably a mistake to use a third-party forum. Unless you really have an expert skinner and are willing to put in a few days time really tuning things so they seem seamless, it's always going to be clunky. Our OCF is a very-powerful forum, using it is not a compromise.

I did come into 1 error with OCPortal that was with short URL's I could not get them to work for some reason I got a error even using the recommended .htaccess and editing a variable below shortlinks wouldn't work.

Perhaps you got an Internal Server Error. The actual rules you need depend on how PHP and Apache are configured. A stripped down set of rules is in plain.htaccess. Sometimes you also need to set a RewriteBase (if you're in a subdirectory). Actually, you mentioned something similar – a particular rule your host has perhaps blocked.

Also while typing this its a little annoying not having right click in the wysiwyg editor the one with most forums and wordpress etc allow right clicking on spelling errors etc which I make a lot and correct.

People complain about this a lot ;). It comes from ckeditor, which uses right-click for things like manipulating table rows. I believe we have left a comment in our WYSIWYG_SETTINGS template on how to disable ckeditor's handling of right-clicks.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#104249
Avatar

Honoured member

Hi and welcome to the forums

Just Jarv
Back to the top
 
Posted
Rating:
#104250
Avatar

Fan in action

Cheers for the reply and hi Steven Jarvis's saw a couple things from you earlier somewhere, all good being bogged down, keeps you occupied etc.

I will look into the wysiwyg stuff myself now I know now what editor it is and where its located in the directory, not where your template with comments are though.

Good to hear you will be around, I try to make sure stuff is supported for a while especially wanting to do this support site which I see a general lack of dedicated support and a need soe that which I aim to fill, and have done for a while more so in recent times and want to make sure im setup for a while.  Also ill be aiming for a few hundred users to start up to thousands I would hope and support those that support me and the site users.

I was going to type more but didn't want to overload the initial post as I have recently tested quite a few things wordpress (I run on my newish personal blog), drupal, researched all the forums and used to run SMF etc as well as setting up a basic home web server to start which took the last few months so I'm pretty patient and not rushing anything.

Was going to try the wordpress phpbb bridge thats the only one available, but I'm wary as user plugins usually get abandoned after a couple months or have some bugs here and there.  Also test more forums etc and see whats what as I want to have community moderators that may not be the best with computers etc and may know alittle about normal forum stuff like phpbb etc.

That error I get when trying a short link was:

An error has occurred

Before you may enable mod_rewrite support, you must enable it on the web server. If you used the quick installer then the installer will have tried to set this up for you in the .htaccess file but did not manage it. This probably means that changes will need doing to the central server configuration. If you wish to try to change your .htaccess file manually, look at recommended.htaccess or plain.htaccess.


My apache error log is as follows if its any help. The server is internal only for testing on virtualmin the symlinks is probably the shortlinks others seem errors with the script install.

(Woops the fixed layout chopped the content, may need to add some scrollbars to it like other sites have) (One of the reasons I like normal forums etc issues like this and these editors can be a bit weird as you can see)

[Tue Aug 26 15:52:16 2014] [warn] [client 110.175.205.112] mod_fcgid: read data timeout in 31 seconds, referer: http://ptest.server.revnet/adminzone/index.php?page=admin_themewizard&type=step3&source_theme=default&algorithm=equations&seed=BCECF4&dark=0&inherit_css=0&themename=test
[Tue Aug 26 15:52:16 2014] [error] [client 110.175.205.112] Premature end of script headers: index.php, referer: http://ptest.server.revnet/adminzone/index.php?page=admin_themewizard&type=step3&source_theme=default&algorithm=equations&seed=BCECF4&dark=0&inherit_css=0&themename=test
[Tue Aug 26 16:12:06 2014] [error] [client 110.175.205.112] File does not exist: /home/webmaster/domains/ptest.server.revnet/public_html/browserconfig.xml
[Tue Aug 26 16:22:37 2014] [error] [client 110.175.205.112] File does not exist: /home/webmaster/domains/ptest.server.revnet/public_html/browserconfig.xml
[Tue Aug 26 16:44:47 2014] [alert] [client 110.175.205.112] /home/webmaster/domains/ptest.server.revnet/public_html/.htaccess: Option FollowSymLinks not allowed here
[Tue Aug 26 16:45:41 2014] [alert] [client 110.175.205.112] /home/webmaster/domains/ptest.server.revnet/public_html/.htaccess: Option FollowSymLinks not allowed here
[Tue Aug 26 16:45:43 2014] [alert] [client 110.175.205.112] /home/webmaster/domains/ptest.server.revnet/public_html/.htaccess: Option FollowSymLinks not allowed here 
[Tue Aug 26 16:53:17 2014] [error] [client 110.175.205.112] File does not exist: /home/webmaster/domains/ptest.server.revnet/public_html/browserconfig.xml


The reason why follow symlinks is a bad idea as mentioned is security and from one of virtualmins webhosting creators who posts a lot on the forum I found this quote from him about it to someone:

andreychek & virtualmin said

Any Virtualmin site that uses FollowSymLinks can be exploited to allow that user to read all files in /home. That was creating a nightmare of a different sort :-)


Virtualmin is similar to cpanel for internet domain creation and hosting, but has a opensource offering as well as corporate plans,, also its one of the components of the webmin system for managing linux boxes, so really handy and popular in user web server setup.

I was hoping short links would work more like other software such as.

server/
server/forum
server/blogs
server/chat
server/etc

Or even the reverse forum.server blog.server etc I was planning the reverse this way originally.

This would be more flexible for bookmarking and user navigation etc and is what most sites now are going to.  As well as consolidating code to a folder 'oc-content' for example to keep the directories clean wordpress does that and its a good thing to have.

Cheers for the help and hope this reply isn't too off topic or urgh as I know you guys do paid support etc.  I'll keep testing and looking at this and hope I may be able to work out sometime how to use a cookie to limit access to the other imageboard site based on login and I can then test that out and share info on how to do it of course.

It would be similar to using htpassword I guess, but allow it based on a if logged into the system then allow access to the subserver site.


Last edit: by drguild
Back to the top
 
Posted
Rating:
#104252
Avatar

"Before you may enable mod_rewrite support" probably indicates the .htaccess isn't being read at all. Check AllowOverride is enabled for the directory, as this is what determine if .htaccess files will be used.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#104253
Avatar

Actually I think my above post is nonsense. Hold on ;)...


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#104254
Avatar

That error I get when trying a short link was:

Ok, I don't think this can be true. The quoted error happens when trying to enable short URLs in the configuration, not when actually trying a short link.

ocPortal shows it at this line of code:

Code

      if ((post_param_integer('mod_rewrite',0)==1) && (get_option('mod_rewrite')=='0') && (substr(ocp_srv('SERVER_SOFTWARE'),0,6)=='Apache') && ((!file_exists(get_file_base().DIRECTORY_SEPARATOR.'.htaccess')) || (strpos(file_get_contents(get_file_base().DIRECTORY_SEPARATOR.'.htaccess'),'RewriteEngine on')===false) || (http_download_file(get_base_url().'/sitemap.htm',NULL,false,true)!='')))

This basically says "If running Apache, give the error if there is no .htaccess file in place or if that .htaccess file isn't enabling rewrites or if the rewrite URLs don't actually work when a request is made to a sample one [/sitemap.htm].".


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#104255
Avatar

See what happens if you go to /sitemap.htm manually.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#104256
Avatar

Fan in action

Chris Graham said

That error I get when trying a short link was:
Ok, I don't think this can be true. The quoted error happens when trying to enable short URLs in the configuration, not when actually trying a short link.

ocPortal shows it at this line of code:

Code

      if ((post_param_integer('mod_rewrite',0)==1) && (get_option('mod_rewrite')=='0') && (substr(ocp_srv('SERVER_SOFTWARE'),0,6)=='Apache') && ((!file_exists(get_file_base().DIRECTORY_SEPARATOR.'.htaccess')) || (strpos(file_get_contents(get_file_base().DIRECTORY_SEPARATOR.'.htaccess'),'RewriteEngine on')===false) || (http_download_file(get_base_url().'/sitemap.htm',NULL,false,true)!='')))<br />
This basically says "If running Apache, give the error if there is no .htaccess file in place or if that .htaccess file isn't enabling rewrites or if the rewrite URLs don't actually work when a request is made to a sample one [/sitemap.htm].".

I probably got my terms wrong I'm trying to enable the links.  Should have been clearer on that, havn't actually got the short links working.

HTAccess file I used the recommended one as there wasn't one already there.

Directives have rewrite one etc, on which is the same for all domains so I don't want to be changing this stuff as everyone using the system is using this pretty much.

Code

SuexecUserGroup #501 #501
ServerName ptest.server.revnet
ServerAlias www.ptest.server.revnet
ServerAlias webmail.ptest.server.revnet
ServerAlias admin.ptest.server.revnet
ServerAlias ptest.drguild2.noip.me
ServerAlias www.ptest.drguild2.noip.me
DocumentRoot /home/webmaster/domains/ptest.server.revnet/public_html
ErrorLog /var/log/virtualmin/ptest.server.revnet_error_log
CustomLog /var/log/virtualmin/ptest.server.revnet_access_log combined
ScriptAlias /cgi-bin/ /home/webmaster/domains/ptest.server.revnet/cgi-bin/
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/webmaster/domains/ptest.server.revnet/public_html>
Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch +ExecCGI
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
AddHandler fcgid-script .php
AddHandler fcgid-script .php5
FCGIWrapper /home/webmaster/domains/ptest.server.revnet/fcgi-bin/php5.fcgi .php
FCGIWrapper /home/webmaster/domains/ptest.server.revnet/fcgi-bin/php5.fcgi .php5
</Directory>
<Directory /home/webmaster/domains/ptest.server.revnet/cgi-bin>
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
</Directory>
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.ptest.server.revnet
RewriteRule ^(.*) https://ptest.server.revnet:20000/ [R]
RewriteCond %{HTTP_HOST} =admin.ptest.server.revnet
RewriteRule ^(.*) https://ptest.server.revnet:10000/ [R]
RemoveHandler .php
RemoveHandler .php5
php_admin_value engine Off
IPCCommTimeout 31
FcgidMaxRequestLen 1073741824
Alias /dav /home/webmaster/domains/ptest.server.revnet/public_html
Alias /pipermail /var/lib/mailman/archives/public
<Location /dav>
DAV on
AuthType Basic
AuthName "ptest.server.revnet"
AuthUserFile /home/webmaster/domains/ptest.server.revnet/etc/dav.digest.passwd
Require valid-user
ForceType text/plain
Satisfy All
RemoveHandler .php
RemoveHandler .php5
RewriteEngine off
</Location>
RedirectMatch /cgi-bin/mailman/([^/\.]*)(.cgi)?(.*) https://ptest.server.revnet:10000/virtualmin-mailman/unauthenticated/$1.cgi$3
RedirectMatch /mailman/([^/\.]*)(.cgi)?(.*) https://ptest.server.revnet:10000/virtualmin-mailman/unauthenticated/$1.cgi$3


Update: went there I get the sitemap links everything is a full link.

First 2 for example:
http://ptest.server.revnet/index.php?page=start
http://ptest.server.revnet/index.php?page=recommend_help
Back to the top
 
Posted
Rating:
#104258
Avatar

Oh, I think I know what is wrong.

Try going to OcCLE (under Admin Zone / Tools) and typing this…

Code

echo 1 > /etc/mod_rewrite

I think the server isn't able to connect to itself, due to your current security settings, so failed to confirm short URLs are working.

Hence it won't turn them on via the UI lest you lock yourself out.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#104261
Avatar

Fan in action

Chris Graham said

Oh, I think I know what is wrong.

Try going to OcCLE (under Admin Zone / Tools) and typing this…

Code

echo 1 &amp;gt; /etc/mod_rewrite&lt;br /&gt;
I think the server isn't able to connect to itself, due to your current security settings, so failed to confirm short URLs are working.

Hence it won't turn them on via the UI lest you lock yourself out.
Tried that and got a :

I did some more looking as my wordpress works fine and no issues on a different vhost (virtualhost using virtualmin deployment) on the server facing the net.

I tried a test on this vhost the portal is under using the below:

.htaccess

Code

RewriteEngine On
RewriteRule ^link([^/]*).html$ rewrite.php?link=$1 [L]
testphp

Code

<html>
<h2 align=center>
<?php
// mod_rewrite Test Page
// Copyright 2006 Webune.com
if($_GET['link']==1){echo"You are not using mod_rewrite";}
elseif($_GET['link']==2){echo"Congratulations!! You are using Apache mod_rewrite";}
else{echo"Linux Apache mod_rewrte Test Tutorial";}
?>
</h2>
<hr>
<head>
<title>How To Test mod_rewrite in Apache Linux Server</title>
</head>
<body>
<p align="center">by <a href="http://www.webune.com">Webune</a></p>
<p><a href="rewrite.php?link=1">LINK1</a> = rewrite.php?link=1</p>
<p><a href="link2.html">LINK2</a> = link2.html</p>
<p>How this works: both links are for this same page, except they both are different. link one is without the mod_rewrite and link2 is using mod_rewrite. Link1 show the php file, with with mod_rewrite we are mascarading the php file into a html file. you can use whatever type of extension you want, you can change it to .htm or .shtml etc... all you have to do is to make sure you also chang it in the .htaccess file</p>
<p>&lt;&lt; <a href="http://www.webune.com/forums/viewtopic-p-62.html">Go back to webune forums.</a></p>
</body>
</html>
This test above worked fine and I got back:
Congratulations!! You are using Apache mod_rewrite

I think it might be that symlink thing which I did change from:
Options +FollowSymLinks
to
Options +SymLinksIfOwnerMatch

Which unfortunately is a security risk via the original method and hence is disabled in virtualmin and other systems are disabling that method also.

If thats the reason I'm not sure, I also tried commenting it out etc with no luck.

So it is assumed the htaccess file that is the issue causing this and hence is something to look into and fix etc for other people.
Back to the top
 
Posted
Rating:
#104262
Avatar

I can't open URLs like http://ptest.server.revnet/index.php?page=start, to do any testing, so really I am just speculating.

I doubt it is anything to do with symlinks. ocPortal doesn't use any, and it should have no relationships to the htaccess files.

To see if the htaccess is being used at all try placing some gibberish in it. If you don't get an Internal Server Error, the file isn't being read at all.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#104263
Avatar

Fan in action

Update: As mentioned its my internal test server not a public facing one I have on other domains I run both internal testing sites like this and my public facing my others, this is mainly a test and setup and see if it works thing.
As for the symlink variable, well it seems to be that, as thats the only thing in the htaccess changed and I had 500 internal errors when the other value was in but I had it changed and had no luck as below .... strange.

And a update its decided to work now.

Dunno what happened but its working.

The edited .htaccess is now this.

Same as recommended but with the changed symlink variable.

In the menu its validating fine on short links and everything is fine.

Mby I accidently added a space in the variable or something before but all good now.

So hopefully you guys can change the variable in the upstream for others.

Code

# Disable inaccurate security scanning (ocPortal has it's own)
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecRuleRemoveById 300018 340147 340014 950119 950120 973331
</IfModule>

<IfModule mod_php5.c>
# ocPortal needs uploads; many hosts leave these low
php_value post_max_size "16M"
php_value upload_max_filesize "16M"

# Turn insecure things off
php_flag allow_url_fopen off
php_flag register_globals off

# Put some limits up. ocPortal is stable enough not to cause problems- it'll only use higher limits when it really needs them
php_value memory_limit "128M"
php_value max_input_time "300"
php_value max_execution_time "30"

php_value max_input_vars "2000"
php_value mbstring.func_overload "0"
# Suhosin can cause problems on configuration, language editing, and Catalogue forms, which use a lot of fields
php_value suhosin.post.max_vars "2000"
php_value suhosin.request.max_vars "2000"
php_value suhosin.cookie.max_vars "400"
php_value suhosin.cookie.max_name_length "150"
php_value suhosin.post.max_value_length "100000000"
php_value suhosin.request.max_value_length "100000000"
php_value suhosin.post.max_totalname_length "10000"
php_value suhosin.request.max_totalname_length "10000"
php_flag suhosin.cookie.encrypt off
php_flag suhosin.sql.union off
</IfModule>

# This unavoidably kills filedump folder creation, and stops us controlling our script execution time
# php_flag safe_mode off      But unfortunately we can't control it except from php.ini

# Sandbox ocPortal to it's own directory
# php_value open_basedir "/tmp:/home/blah/public_html/ocportal/"      But needs customising for your server and only works outside php.ini in PHP6+

# Set ocPortal to handle 404 errors. Assume ocPortal is in the root
<FilesMatch !"\.(jpg|jpeg|gif|png|ico)$">
ErrorDocument 404 /index.php?page=404
</FilesMatch>

<IfModule mod_rewrite.c>
# Needed for mod_rewrite. Disable this line if your server does not have AllowOverride permission (can be one cause of Internal Server Errors)
Options +SymLinksIfOwnerMatch

RewriteEngine on

# Redirect away from modules called directly by URL. Helpful as it allows you to "run" a module file in a debugger and still see it running.
RewriteRule ^([^=]*)webdav.php/([^=]*)pages/(modules|modules\_custom)/([^/]*)\.php$ - [L]
RewriteRule ^([^=]*)pages/(modules|modules\_custom)/([^/]*)\.php$ $1index.php\?page=$3 [L,QSA,R]

# These have a specially reduced form (no need to make it too explicit that these are Wiki+)
# &nbsp;We shouldn't shorten them too much, or the actual zone or base url might conflict
RewriteRule ^([^=]*)pg/s/([^\&\?]*)/index\.php$ $1index.php\?page=cedi&id=$2 [L,QSA]

# These have a specially reduce form (wide is implied)
RewriteRule ^([^=]*)pg/galleries/image/([^\&\?]*)/index\.php(.*)$ $1index.php\?page=galleries&type=image&id=$2&wide=1$3 [L,QSA]
RewriteRule ^([^=]*)pg/galleries/video/([^\&\?]*)/index\.php(.*)$ $1index.php\?page=galleries&type=video&id=$2&wide=1$3 [L,QSA]
RewriteRule ^([^=]*)pg/iotds/view/([^\&\?]*)/index\.php(.*)$ $1index.php\?page=iotds&type=view&id=$2&wide=1$3 [L,QSA]

# These are standard patterns
RewriteRule ^([^=]*)pg/([^/\&\?]*)/([^/\&\?]*)/([^\&\?]*)/index\.php(.*)$ $1index.php\?page=$2&type=$3&id=$4$5 [L,QSA]
RewriteRule ^([^=]*)pg/([^/\&\?]*)/([^/\&\?]*)/index\.php(.*)$ $1index.php\?page=$2&type=$3$4 [L,QSA]
RewriteRule ^([^=]*)pg/([^/\&\?]*)/index\.php(.*)$ $1index.php\?page=$2$3 [L,QSA]
# This one is weird... apache strips out // and turns to /, thus requiring an extra pattern...
RewriteRule ^([^=]*)pg/index\.php(.*)$ $1index.php\?page=$3 [L,QSA]

# Now the same, but without any additional parameters (and thus no index.php)
RewriteRule ^([^=]*)pg/s/([^\&\?]*)$ $1index.php\?page=cedi&id=$2 [L,QSA]
RewriteRule ^([^=]*)pg/galleries/image/([^\&\?]*)$ $1index.php\?page=galleries&type=image&id=$2&wide=1$3 [L,QSA]
RewriteRule ^([^=]*)pg/galleries/video/([^\&\?]*)$ $1index.php\?page=galleries&type=video&id=$2&wide=1$3 [L,QSA]
RewriteRule ^([^=]*)pg/iotds/view/([^\&\?]*)$ $1index.php\?page=iotds&type=view&id=$2&wide=1 [L,QSA]
RewriteRule ^([^=]*)pg/([^/\&\?]*)/([^/\&\?]*)/([^\&\?]*)/$ $1index.php\?page=$2&type=$3&id=$4 [L,QSA]
RewriteRule ^([^=]*)pg/([^/\&\?]*)/([^/\&\?]*)/([^\&\?]*)$ $1index.php\?page=$2&type=$3&id=$4 [L,QSA]
RewriteRule ^([^=]*)pg/([^/\&\?]*)/([^/\&\?]*)$ $1index.php\?page=$2&type=$3 [L,QSA]
RewriteRule ^([^=]*)pg/([^/\&\?]*)$ $1index.php\?page=$2 [L,QSA]

# And these for those nasty situations where index.php was missing and we couldn't do anything about it (usually due to keep_session creeping into a semi-cached URL)
RewriteRule ^([^=]*)pg/s/([^\&\?\.]*)&(.*)$ $1index.php\?$3&page=cedi&id=$2 [L,QSA]
RewriteRule ^([^=]*)pg/galleries/image/([^/\&\?\.]*)&(.*)$ $1index.php\?$5&page=galleries&type=image&id=$2&wide=1&$3 [L,QSA]
RewriteRule ^([^=]*)pg/galleries/video/([^/\&\?\.]*)&(.*)$ $1index.php\?$5&page=galleries&type=video&id=$2&wide=1&$3 [L,QSA]
RewriteRule ^([^=]*)pg/iotds/view/([^/\&\?\.]*)&(.*)$ $1index.php\?$3&page=iotds&type=view&id=$2&wide=1 [L,QSA]
RewriteRule ^([^=]*)pg/([^/\&\?\.]*)/([^/\&\?\.]*)/([^/\&\?\.]*)&(.*)$ $1index.php\?$5&page=$2&type=$3&id=$4 [L,QSA]
RewriteRule ^([^=]*)pg/([^/\&\?\.]*)/([^/\&\?\.]*)&(.*)$ $1index.php\?$4&page=$2&type=$3 [L,QSA]
RewriteRule ^([^=]*)pg/([^/\&\?\.]*)&(.*)$ $1index.php\?$3&page=$2 [L,QSA]

# These have a specially reduced form (no need to make it too explicit that these are Wiki+)
# &nbsp;We shouldn't shorten them too much, or the actual zone or base url might conflict
RewriteRule ^(site|forum|adminzone|cms|collaboration)/s/([^\&\?]*)\.htm$ $1/index.php\?page=cedi&id=$2 [L,QSA]
RewriteRule ^s/([^\&\?]*)\.htm$ index\.php\?page=cedi&id=$1 [L,QSA]

# These have a specially reduce form (wide is implied)
RewriteRule ^(site|forum|adminzone|cms|collaboration)/galleries/image/([^\&\?]*)\.htm$ $1/index.php\?page=galleries&type=image&id=$2&wide=1 [L,QSA]
RewriteRule ^(site|forum|adminzone|cms|collaboration)/galleries/video/([^\&\?]*)\.htm$ $1/index.php\?page=galleries&type=video&id=$2&wide=1 [L,QSA]
RewriteRule ^(site|forum|adminzone|cms|collaboration)/iotds/view/([^\&\?]*)\.htm$ $1/index.php\?page=iotds&type=view&id=$2&wide=1 [L,QSA]

# These are standard patterns
RewriteRule ^(site|forum|adminzone|cms|collaboration)/([^/\&\?]+)/([^/\&\?]*)/([^\&\?]*)\.htm$ $1/index.php\?page=$2&type=$3&id=$4 [L,QSA]
RewriteRule ^(site|forum|adminzone|cms|collaboration)/([^/\&\?]+)/([^/\&\?]*)\.htm$ $1/index.php\?page=$2&type=$3 [L,QSA]
RewriteRule ^(site|forum|adminzone|cms|collaboration)/([^/\&\?]+)\.htm$ $1/index.php\?page=$2 [L,QSA]
RewriteRule ^([^/\&\?]+)/([^/\&\?]*)/([^\&\?]*)\.htm$ index.php\?page=$1&type=$2&id=$3 [L,QSA]
RewriteRule ^([^/\&\?]+)/([^/\&\?]*)\.htm$ index.php\?page=$1&type=$2 [L,QSA]
RewriteRule ^([^/\&\?]+)\.htm$ index.php\?page=$1 [L,QSA]
</IfModule>


order allow,deny
# IP bans go here (leave this comment here! If this file is writeable, ocPortal will write in IP bans below, in sync with it's own DB-based banning - this makes DOS/hack attack prevention stronger)
# deny from xxx.xx.x.x (leave this comment here!)
allow from all


Last edit: by drguild
Back to the top
 
Posted
Rating:
#104264
Avatar

Your example above does suggest you have rewrites working somewhere, yes.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#104265
Avatar

Hmm, looks like you may be right. Never heard of anything like this before though. Usually invalid rules in htaccess just causes Internal Server Error and breaks everything, so this is unusual.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#104266
Avatar

Ok, taken a look at SymLinksIfOwnerMatch -- yeah, we can use that. Thx for the feedback :).


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#104269
Avatar

Fan in action

I'm a tinkerer I love a good problem like to solve.

As mentioned ptest is a subserver of my internal computer hostname called Server so only internal I do have external sites and an reserved vhost for this support site once I'm ready to start setting things up just has a basic parking page on it atm.

That solves one issue.

The other feedback is a cleanup etc of files would be handy as I said above into a 'oc-content' or something folder to keep the web directory neater if you also have other scripts and stuff installed which I do occasionally and like to subfolder things, and ability to put things under dedicated rewrites as above also.

So instead of /site/pg/chat/room/general-chat

I could have /general-chat which would make it soo much nicer.

Now I can look and if I can use the login cookie to trigger a site authentication via htaccess or something for a complete separate site which will require login to the main site first to access, any ideas?
Back to the top
 
Posted
Rating:
#104271
Avatar

You can't really control URLs to that much of a degree. In v10 you'll be able to specify the exact URL of a page, or most forms of content including I think also of forum topics, but not such that all new topics automatically have a particular format of URL of your choosing – i.e. there's a lookup table, but you can't define new defaults.
Also it would always be under the base URL.

With software like ocPortal you've got 100s of things connected to dozens of things, so dynamically replumbing stuff without being a programmer is not going to be an option. It's not like Wordpress which only has pages and posts, or a forum which only has topics in forums.

I bet when we release v10 people will start using the new URL flexibility, then ask how to do much more, like some of what you describe here. The list of things people want to customise without being a programmer is endless, then if we do make it customisable we risk making everything about the product more complicated, my nightmare ;).

Now I can look and if I can use the login cookie to trigger a site authentication via htaccess or something for a complete separate site which will require login to the main site first to access, any ideas?

I think you're mixing your terminology a bit, but we have something similar. You set up accounts in an htaccess and it auto-binds it to auto-created OCF accounts. There's a tutorial on it I think, although it's probably rather brief as it is one of our more esoteric features.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#104272
Avatar

Fan in action

Chris Graham said

You can't really control URLs to that much of a degree. In v10 you'll be able to specify the exact URL of a page, or most forms of content including I think also of forum topics, but not such that all new topics automatically have a particular format of URL of your choosing – i.e. there's a lookup table, but you can't define new defaults.
Also it would always be under the base URL.

With software like ocPortal you've got 100s of things connected to dozens of things, so dynamically replumbing stuff without being a programmer is not going to be an option. It's not like Wordpress which only has pages and posts, or a forum which only has topics in forums.

I bet when we release v10 people will start using the new URL flexibility, then ask how to do much more, like some of what you describe here. The list of things people want to customise without being a programmer is endless, then if we do make it customisable we risk making everything about the product more complicated, my nightmare .

Now I can look and if I can use the login cookie to trigger a site authentication via htaccess or something for a complete separate site which will require login to the main site first to access, any ideas?
I think you're mixing your terminology a bit, but we have something similar. You set up accounts in an htaccess and it auto-binds it to auto-created OCF accounts. There's a tutorial on it I think, although it's probably rather brief as it is one of our more esoteric features.


First one understandable as long as it has the main areas on top level like blogs forums news chat etc it should be all good.

Second one is I will have a second site a stand alone imageboard as nothing has really been built into software there's a mod for wordpress but very basic, this idea is too much of a niche to expect someone to implement into a package / cms plus I need to work out what I want to run in that regard.

The thing is though I want to access control it based on whether they are logged into the main site or not.  I know you said accounts but I don't know.

I know it can be done for wordpress as this page here describes using the login cookie a more generic way on doing this which is the way I would be doing it is here.

Now I just need to work out what the cookie info the system uses for determining if a user is logged in or not and do the above.


Last edit: by drguild
Back to the top
 
Posted
Rating:
#104274
Avatar

Ah I see. Well, we do use login cookies (for 'remember me') and also session cookies (IDs into our sessions table). Nothing particularly unusual, similar to how forums do it.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
1 guests and 0 members have just viewed this: None
Control functions:

Quick reply   Expand