daily security run output and joomla3
Per olof Ljungmark
peo at nethead.se
Sun Jan 28 18:53:59 UTC 2018
On 01/28/18 19:31, Baptiste Daroussin wrote:
> On Mon, Jan 29, 2018 at 03:27:22AM +0900, Yasuhiro KIMURA wrote:
>> From: Larry Rosenman <ler at lerctr.org>
>> Subject: Re: daily security run output and joomla3
>> Date: Sun, 28 Jan 2018 12:04:56 -0600
>>
>>> But as the OP notes, the joomla3 instructions *REQUIRE*
>>> removal of the install directory for security reasons, so
>>> I understand where he is coming from.
>>
>> Do you mean that all installed file must be removed? If so, what about
>> simply deinstalling joomla3 package after instructions are finished?
>>
>
> Does changing the owners of the directory to nobody helps? joomla (www users)
> might not be able to read it
The trick we use here is to keep the original www/joomla3 directory from
the ports install untouched, copy its contents to vhosts/<webroot> and
serve the sites(s) from there.
Then one can use other means/software to keep track of possible altered
files.
//per
More information about the freebsd-ports
mailing list