Forum

Installation of the component for Joomla, does not work.

Alex
14 January 2010, 13:31
Hi Hugo,

I believe that the protective functions of Hiawatha hinder an installation of the component for Joomla.
You know it certainly like this installation with Joomla runs off. A zip file must be uploaded in a /tmp by Joomla and from this folder installed.
I have looked, the uploaded zip file is in the /tmp folder, but the Joomla can do with it nothing, does not have enough rights.
Whole joomla Running as www-data and has right chmod folder 755 and files 644
With it you an overview has I show my configuration files of Hiawatha.
# Hiawatha main configuration file
#


# GENERAL SETTINGS
#
ServerId = www-data
ConnectionsTotal = 150
ConnectionsPerIP = 10
SystemLogfile = /var/log/hiawatha/system.log
GarbageLogfile = /var/log/hiawatha/garbage.log


# BINDING SETTINGS
# A binding is where a client can connect to.
#
Binding {
Port = 80
# Interface = 127.0.0.1
MaxRequestSize = 2560
MaxUploadSize = 50
MaxKeepAlive = 1000
# TimeForRequest = 3,20
}
#
#Binding {
# Port = 443
# Interface = ::1
# MaxKeepAlive = 30
# TimeForRequest = 3,20
# SSLcertFile = hiawatha.pem
#}


# BANNING SETTINGS
# Deny service to clients who misbehave.
#
#BanOnGarbage = 300
#BanOnMaxPerIP = 60
#BanOnMaxReqSize = 300
#BanOnSQLi = 70
#BanOnFlooding = 10/1:35
#KickOnBan = yes
#RebanDuringBan = yes


# COMMON GATEWAY INTERFACE (CGI) SETTINGS
# These settings can be used to run CGI applications. Use the 'php-fcgi'
# tool to start PHP as a FastCGI daemon.
#
#CGIhandler = /usr/bin/perl:pl
#CGIhandler = /usr/bin/php-cgi:php
#CGIhandler = /usr/bin/python:py
#CGIhandler = /usr/bin/ruby:rb
#CGIhandler = /usr/bin/ssi-cgi:shtml
#CGIextension = cgi
#
FastCGIserver {
FastCGIid = PHP5
ConnectTo = 127.0.0.1:2005
Extension = php
SessionTimeout = 150
}

UrlToolkit {
ToolkitID = joomla
Match mosConfig_[a-zA-Z_]{1,21}(=|\%3D) DenyAccess
Match base64_encode.*\(.*\) DenyAccess
#Match (<|%3C).*script.*(>|%3E) DenyAccess
Match GLOBALS(=|\[|\%[0-9A-Z]{0,2}) DenyAccess
Match _REQUEST(=|\[|\%[0-9A-Z]{0,2}) DenyAccess
RequestURI exists Return
Match .* Rewrite /index.php
}

# DEFAULT WEBSITE
# It is wise to use your IP address as the hostname of the default website
# and give it a blank webpage. By doing so, automated webscanners won't find
# your possible vulnerable website.
#
Hostname = 65.64.78.32
WebsiteRoot = /var/www/hiawatha
StartFile = index.html
AccessLogfile = /var/log/hiawatha/access.log
ErrorLogfile = /var/log/hiawatha/error.log
Alias = /mysql:/usr/share/phpmyadmin
AccessList = allow 82.53.0.0/16, deny all
UseFastCGI = PHP5
#ErrorHandler = 404:/error.cgi

# VIRTUAL HOSTS
# Use a VirtualHost section to declare the websites you want to host.
#
VirtualHost {
Hostname = mysite1.de, www.mysite1.de
WebsiteRoot = /var/www/mysite1.de
StartFile = index.php
AlterGroup = www-data
AccessLogfile = /var/www/mysite1.de/logs/access.log
ErrorLogfile = /var/www/mysite1.de/logs/error.log
# ExecuteCGI = yes
FollowSymlinks = yes
EnablePathInfo = yes
#TriggerOnCGIstatus = no
TimeForCGI = 60
UseFastCGI = PHP5
#UseToolkit = joomla
EnablePathInfo = yes
UseGZfile = yes
PreventCSRF = yes
PreventSQLi = yes
PreventXSS = yes
}

VirtualHost {
Hostname = mysite2.de, www.mysite2.de
WebsiteRoot = /var/www/mysite2.de
StartFile = index.php
AlterGroup = www-data
AccessLogfile = /var/www/mysite2.de/logs/access.log
ErrorLogfile = /var/www/mysite2.de/logs/error.log
ExecuteCGI = yes
FollowSymlinks = yes
EnablePathInfo = yes
TriggerOnCGIstatus = no
TimeForCGI = 60
UseFastCGI = PHP5
UseToolkit = joomla
EnablePathInfo = yes
UseGZfile = yes
PreventCSRF = yes
PreventSQLi = yes
PreventXSS = yes
}

VirtualHost {
Hostname = mysite3.de, www.mysite3.de
WebsiteRoot = /var/www/mysite3.de
StartFile = index.php
AlterGroup = www-data
AccessLogfile = /var/www/mysite3.de/logs/access.log
ErrorLogfile = /var/www/mysite3.de/logs/error.log
ExecuteCGI = yes
FollowSymlinks = yes
EnablePathInfo = yes
TriggerOnCGIstatus = no
TimeForCGI = 60
UseFastCGI = PHP5
UseToolkit = joomla
EnablePathInfo = yes
UseGZfile = yes
PreventCSRF = yes
PreventSQLi = yes
PreventXSS = yes
}

# DIRECTORY SETTINGS
# You can specify some settings per directory.
#
Directory {
Path = /var/www/mysite1.de/administrator
AccessList = allow 82.53.0.0/16, deny all
ExecuteCGI = yes
}
Directory {
Path = /var/www/mysite2.de/administrator
AccessList = allow 82.53.0.0/16, deny all
ExecuteCGI = yes
}
Directory {
Path = /var/www/mysite3.de/administrator
AccessList = allow 82.53.0.0/16, deny all
ExecuteCGI = yes
}



# PHP FastCGI configuration

# Path to PID-file.
# PidFile = <filename>
#
PidFile = /var/run/php-fcgi.pid

# Number of forks per server.
# Forks = <number>
#
Forks = 3

# Number of maximum requests per fork before respawning.
# MaxRequests = <number>
#
MaxRequests = 100

# Set environment variables for the FastCGI processes.
# Setenv <key> = <value>
#

# PHP FastCGI servers to start.
# Server = <php-cgi executable>;<binding>;<UID>[:<GIDs>][;<PHP configuration file>]
#
#Server = /usr/bin/php5-cgi ; 127.0.0.1:2005 ; www-data
#Server = /usr/bin/php5-cgi ; 127.0.0.1:2005 ; 1000:100,101
Server = /usr/bin/php5-cgi ; 127.0.0.1:2005 ; www-data ; /etc/php5/cgi/php.ini
#Server = /usr/chroot|usr/bin/php5-cgi ; 127.0.0.1:2005 ; www-data


With cgi-wrapper.conf everything is commented out.

Greeting, Alex.

Hiawatha version: 6.19
Operating System: Debian Lenny
Hugo Leisink
14 January 2010, 21:22
Try without the PreventSQLi option. You should only use the PreventXXX options if you fully understand how those options work.
Alex
14 January 2010, 22:18
Thanks Hugo it was this, if you only knew how much time I lost with solution searching
This lies with my bad knowledge of English, I do not understand the HOWTO's so well
If it does not matter to you, you could give me a council which options should be switched off for Joomla and which not.
Over again many thanks if there are problems again I come again

Greeting, Alex.
This topic has been closed.