>> Site Map >> Forums >> Post Installation Help
Forum module - topics in forum:
Post Installation Help - Help with problems after installation.
New html fields... how to disable them?
I always worked with php-nuke 7.4 version. But since my site was hacked twice this year... I upgrade him to new version, 7.9!
But I dont like this new feature:
Is possible to disable this for entire site?
I hate to burst your bubble but upgrading to 7.9 is not going to prevent your site from being hacked. Infact that very text editor you want to disable opens your site up to being hacked.
It's well documented that 7.7 - 7.9 are full of security holes that are created by the text editor being poorly implemented.
While the idea is good the way it was put in was not at all correct and turning it off will not lessen the security risk, because all HTML validation was removed, meaning someone who is unscruplous can submit bad html tags and javascript in Forum and News posts that nuke would otherwise not have allowed.
This is why if you look at the download on these versions they all say Use at your own risk.
Now with that being said, open your config.php file and find:
| Code: : |
| $nuke_editor = 1; |
change it to
| Code: : |
| $nuke_editor = 0; |
And that will disable the editor.
Make sure you employ Nuke Sentinel if you are going to continue to run this version. Although it won't do anything about the HTML validation it might help with scripting attacks.
If you don't believe me then I suggest you read this article on 64bit.us - Just change the title to include 7.9 as none of the problems discussed in this article were corrected in 7.9
If you are wondering PHP-Nuke 7.6 and any port built upon it like Platnum or Ultra is the most secure and bug free version of nuke.
Thanks for your reply NukeCode, really... I didnīt know about this!
But I need to disable him because is causing many conflicts in some modules that I have....
And I upgraded to 7.9 version besause I dont want my site been hacked again
You are saying that PHP-Nuke 7.6 platinum is more secure then 7.9?
Hummm... maybe I try then! This version have the html editor to?
Many thanks
Can someone tell me where can I download PHP-Nuke Platinum 7.6.0?
| Divvy Wrote: : |
| Thanks for your reply NukeCode, really... I didnīt know about this! But I need to disable him because is causing many conflicts in some modules that I have.... And I upgraded to 7.9 version besause I dont want my site been hacked again You are saying that PHP-Nuke 7.6 platinum is more secure then 7.9? Hummm... maybe I try then! This version have the html editor to? Many thanks |
We don't support platnum so I have no Idea if it has an editor or not.
Nuke Platinum doesnt have an html editor, I used to have a link for it but I dont know what I did with it. If you are wanting to use 7.6 then I would suggest that you use nCo Ultra 7.6. Platinum is a good CMS but more than likely it has alot of modules that you will never use creating empty space in your database. I would suggest the nCo 7.6 ultra, I would also suggest that you get the 3.1 patch from our downloads section as well. Just to let people know we advise against anyone using a php-nuke build higher than 7.6 because of secuirty holes that will leave your site vulnerable to an exploit.
