Backing Up view_paths

There was a major update on the Elgg platform. The new version, Elgg 1.7.4, has some major security changes and enhacements. Their community provides OpenGL plugins that anyone can use free of charge. However, they still host plugins from previous versions, that can hurt your site.

Learn More

Tags: , , , , , , , , , , , , | Posted under EggBlog, Elgg | 1 Comment

Setting custom php.ini files for your website

Many of us have wondered, how can we change some of the PHP directives to match some script requirements? Even though this might sound complicated, it is much easier than it looks.

First, we should know a few facts about PHP directives and where they reside. We have 3 levels of php.ini file levels:

1)      Server global php.ini (this file resides in the server configuration and this cannot be edited by the users in a shared hosting environment).

2)      User global php.ini (this file usually resides in the main folder for a user website, like public_html and this serves all the php scripts that fall under the user account).

3)      User local php.ini file (this file is not limited to a specific path and can be deployed by the user wherever he feels he needs to change some parameters for some script).

Learn More

Tags: , , , , , | Posted under CGI, cPanel Tutorials, cPanel/Linux Hosting, Customization, PHP.ini | 6 Comments

Protecting Your Elgg Site

Some people are telling Elgg users to disable a plugin called “HTMLAWED plugin” ( a plugin that comes as default in every Elgg install) so that they can embed content. This is not recommended.

The plugin mentioned above stops users from adding arbitrary HTML/PHP code onto your site that could break your site design and might even allow phishers to embed code in order to steal their passwords.

Learn More

Tags: , , , , , , , , , , , , | Posted under Elgg, Security/Vulnerability | 2 Comments