Lunarpages Web Hosting Forum

Author Topic: CGI upload script  (Read 10597 times)

Offline TranzNDance

  • Princess of Naboo
  • Berserker Poster
  • *****
  • Posts: 11567
    • Thu Tu's Blog
CGI upload script
« Reply #45 on: July 23, 2004, 08:28:11 PM »
hmmm... would hotlink protection protect scripts from running elsewhere, without any other similar security mechanisms? That would be good to have another layer of security.
:whip: :love: :whip: :love: :whip: :love:

Priest

  • Guest
CGI upload script
« Reply #46 on: July 23, 2004, 09:01:54 PM »
Not natively they wouldn't.  You could go back into the htaccess file and add the script extensions that you wanted protected.

Offline fo0hzy

  • Intergalactic Superstar
  • *****
  • Posts: 168
CGI upload script
« Reply #47 on: July 23, 2004, 09:09:47 PM »
I have turned on hotlink protection & tested it on two friend's forums... the redirect image (stop stealing my sh*t!) showed up just fine ;)
www.awfulpics.com could not be found. Please check the name and try again.

Offline fo0hzy

  • Intergalactic Superstar
  • *****
  • Posts: 168
CGI upload script
« Reply #48 on: July 25, 2004, 07:20:03 PM »
Then it showed up on my own forum this morning, but only for one person... everyone else got the normal forum, but one guy got the hotlink image for every single image related to the forum :/ So I disabled it for now.
www.awfulpics.com could not be found. Please check the name and try again.

Offline TranzNDance

  • Princess of Naboo
  • Berserker Poster
  • *****
  • Posts: 11567
    • Thu Tu's Blog
CGI upload script
« Reply #49 on: July 25, 2004, 07:24:16 PM »
fo0hzy,

Do you have both versions of your domain name in the whitelist?
It should be:
http://www.yourdomain.com
http://yourdomain.com
:whip: :love: :whip: :love: :whip: :love:

Offline fo0hzy

  • Intergalactic Superstar
  • *****
  • Posts: 168
CGI upload script
« Reply #50 on: July 27, 2004, 02:20:36 PM »
Yep they are...

Three people have complained about this issue so far. I just enabled it again, only this time I ticked the little box "Enable direct requests"... dunno if that will make a difference, but there's only so many options.

One says it works fine on his home computer, but fouls up on his work computer... the other gets just the opposite. I think it's gotta be something to do with their systems, though what it could be, I have no idea. I had them all clean out their temp files & cookies but that didn't help.

 :?
www.awfulpics.com could not be found. Please check the name and try again.

Offline TranzNDance

  • Princess of Naboo
  • Berserker Poster
  • *****
  • Posts: 11567
    • Thu Tu's Blog
CGI upload script
« Reply #51 on: July 27, 2004, 02:25:16 PM »
Could you please post the link(s) with the problem? If it's a forum that requires a login, please provide, that, too.

I wonder if it has to do with some software blocking the referrer, which has some consequence which I can't remember right now.
:whip: :love: :whip: :love: :whip: :love:

leighsww

  • Guest
CGI upload script
« Reply #52 on: July 27, 2004, 02:28:37 PM »
fo0hzy, post what is in your .htaccess file so we can see what's written in there.

Offline fo0hzy

  • Intergalactic Superstar
  • *****
  • Posts: 168
CGI upload script
« Reply #53 on: July 27, 2004, 02:50:51 PM »
It is this forum: http://www.dangerouslystupid.com/forum/ (I will PM the username & password)


Here's the htaccess

Code: [Select]
order allow,deny
allow from all



RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://dangerouslystupid.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://dangerouslystupid.com$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.dangerouslystupid.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.dangerouslystupid.com$      [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC]
www.awfulpics.com could not be found. Please check the name and try again.

Offline fo0hzy

  • Intergalactic Superstar
  • *****
  • Posts: 168
CGI upload script
« Reply #54 on: July 27, 2004, 06:19:05 PM »
Okay, the guy who was having problems from his home computer finally got home & logged on... and reports no troubles! Maybe ticking that lil box that says "Enable direct requests" did the trick?

We'll see when the other two affected members log in...  I'll keep ya posted... thanks :thumb:
www.awfulpics.com could not be found. Please check the name and try again.