Welcome to Geeklog, Anonymous Wednesday, January 15 2025 @ 07:37 am EST
Geeklog Forums
Security Test
Status: offline
phpsocialclub
Forum User
Junior
Registered: 03/05/03
Posts: 30
Location:North Carolina
I have just finished upgrade five sites to 1.4.1 and I love all the improvements.
I can not however get the security warning to go away on any of them.
On one site the sectest.php results in
On another
1. Good! You seem to have removed the install directory already.
2. You still have not changed the default password from "password" on 3 account(s).
Please fix the above issues before using your site!
On the first site, I just want the message to go away,
One the second, I have no way of finding out which user has the default password, we have almost 10,000 users, but I do know none of the admins have it.
I see that I can go into the DB and make the change to the gl_vars table sectest row, but I was wondering if I am missing something, or if this could be a little clearer,
I work for a Wilmington NC Attorney
I can not however get the security warning to go away on any of them.
On one site the sectest.php results in
Results of the Security Check
1. Good! You seem to have removed the install directory already.
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Good! You seem to have changed the default account password already.
Please fix the above issues before using your site!
1. Good! You seem to have removed the install directory already.
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Good! You seem to have changed the default account password already.
Please fix the above issues before using your site!
On another
1. Good! You seem to have removed the install directory already.
2. You still have not changed the default password from "password" on 3 account(s).
Please fix the above issues before using your site!
On the first site, I just want the message to go away,
One the second, I have no way of finding out which user has the default password, we have almost 10,000 users, but I do know none of the admins have it.
I see that I can go into the DB and make the change to the gl_vars table sectest row, but I was wondering if I am missing something, or if this could be a little clearer,
I work for a Wilmington NC Attorney
14
18
Quote
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
For the password issue, see the later parts of the discussion here.
The "Success" thing is new to me - haven't seen that before. What's different on that site, as compared to the other?
bye, Dirk
The "Success" thing is new to me - haven't seen that before. What's different on that site, as compared to the other?
bye, Dirk
21
17
Quote
Status: offline
phpsocialclub
Forum User
Junior
Registered: 03/05/03
Posts: 30
Location:North Carolina
I am not really sure, the site with the success success was installed with Fantastico, then manually upgraded, It has all of its files in public_html, which is the way Fantistico does it.
I will probably reinstall everything in the right place next time,
Andrew
I work for a Wilmington NC Attorney
I will probably reinstall everything in the right place next time,
Andrew
I work for a Wilmington NC Attorney
20
18
Quote
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Quote by: phpsocialclub
It has all of its files in public_html, which is the way Fantistico does it.
... and which is the main reason why we have this test script now: Because many Fantastico installs are not properly secured. So I would be very interested to find out why it's not working properly for you.
bye, Dirk
21
33
Quote
All times are EST. The time is now 07:37 am.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content