From 48ac05b6e1a1f7c54dccaddc91f8f7eabfa04c40 Mon Sep 17 00:00:00 2001 From: Mzhelskiy Maxim Date: Tue, 4 May 2010 12:54:58 +0000 Subject: [PATCH] fix security plugin --- plugins/page/PluginPage.class.php | 7 +++++++ plugins/page/classes/.htaccess | 2 ++ plugins/page/config/.htaccess | 2 ++ plugins/page/templates/.htaccess | 5 +++++ plugins/profiler/PluginProfiler.class.php | 7 +++++++ plugins/profiler/classes/.htaccess | 2 ++ plugins/profiler/config/.htaccess | 2 ++ plugins/profiler/templates/.htaccess | 5 +++++ 8 files changed, 32 insertions(+) create mode 100644 plugins/page/classes/.htaccess create mode 100644 plugins/page/config/.htaccess create mode 100644 plugins/page/templates/.htaccess create mode 100644 plugins/profiler/classes/.htaccess create mode 100644 plugins/profiler/config/.htaccess create mode 100644 plugins/profiler/templates/.htaccess diff --git a/plugins/page/PluginPage.class.php b/plugins/page/PluginPage.class.php index e070dfb5..6443bd4e 100644 --- a/plugins/page/PluginPage.class.php +++ b/plugins/page/PluginPage.class.php @@ -15,6 +15,13 @@ --------------------------------------------------------- */ +/** + * Запрещаем напрямую через браузер обращение к этому файлу. + */ +if (!class_exists('Plugin')) { + die('Hacking attemp!'); +} + class PluginPage extends Plugin { /** diff --git a/plugins/page/classes/.htaccess b/plugins/page/classes/.htaccess new file mode 100644 index 00000000..2859d7f4 --- /dev/null +++ b/plugins/page/classes/.htaccess @@ -0,0 +1,2 @@ +Order Deny,Allow +Deny from all \ No newline at end of file diff --git a/plugins/page/config/.htaccess b/plugins/page/config/.htaccess new file mode 100644 index 00000000..2859d7f4 --- /dev/null +++ b/plugins/page/config/.htaccess @@ -0,0 +1,2 @@ +Order Deny,Allow +Deny from all \ No newline at end of file diff --git a/plugins/page/templates/.htaccess b/plugins/page/templates/.htaccess new file mode 100644 index 00000000..3d30e94c --- /dev/null +++ b/plugins/page/templates/.htaccess @@ -0,0 +1,5 @@ +Options -Indexes + + Order allow,deny + Deny from all + \ No newline at end of file diff --git a/plugins/profiler/PluginProfiler.class.php b/plugins/profiler/PluginProfiler.class.php index 99f7fe12..524b8af3 100644 --- a/plugins/profiler/PluginProfiler.class.php +++ b/plugins/profiler/PluginProfiler.class.php @@ -15,6 +15,13 @@ --------------------------------------------------------- */ +/** + * Запрещаем напрямую через браузер обращение к этому файлу. + */ +if (!class_exists('Plugin')) { + die('Hacking attemp!'); +} + class PluginProfiler extends Plugin { /** * Активация плагина Профайлер. diff --git a/plugins/profiler/classes/.htaccess b/plugins/profiler/classes/.htaccess new file mode 100644 index 00000000..2859d7f4 --- /dev/null +++ b/plugins/profiler/classes/.htaccess @@ -0,0 +1,2 @@ +Order Deny,Allow +Deny from all \ No newline at end of file diff --git a/plugins/profiler/config/.htaccess b/plugins/profiler/config/.htaccess new file mode 100644 index 00000000..2859d7f4 --- /dev/null +++ b/plugins/profiler/config/.htaccess @@ -0,0 +1,2 @@ +Order Deny,Allow +Deny from all \ No newline at end of file diff --git a/plugins/profiler/templates/.htaccess b/plugins/profiler/templates/.htaccess new file mode 100644 index 00000000..3d30e94c --- /dev/null +++ b/plugins/profiler/templates/.htaccess @@ -0,0 +1,5 @@ +Options -Indexes + + Order allow,deny + Deny from all + \ No newline at end of file