Utiliser .htaccess ou mysql mariadb ? #216
Comments
|
I can only answer in English (used DeepL to translate your text).
It should be the file path of the the folder where the .htaccess file needs to be; without the ".htaccess" file name itself, this will be appended automatically. If the field is left empty, it will be automatically set to what Joomla considers the root directory; this should be fine for most installations.
It's just what the message says - one of the checks for whether .htaccess is working did fail. I might include additional information on which check failed in the future here. The test email is completely independent of the blocking functionality. So whether the email arrives or not has nothing to do with whether you have configured blocking via htaccess or database, only with whether your joomla email configuration is usable.
So you are saying you couldn't get .htaccess blocking to actually block you, correct? I would need more information about your exact testing procedure.
When .htaccess-based blocking is disabled, bfstop does not use the .htaccess file at all; it simply aborts the Joomla processing at an early stage and only writes out an error message.
As I said above, for non-.htaccess-based blocking, you don't need any write access to .htaccess files from php side. But do I get it correctly that you only want to block access to the backend (/administrator), but never to the frontend? So even if a user is blocked, (s)he should still get access to the frontend, just not be able to access the administrator pages? Then you are on the right track, this is currently only possible with the .htaccess based blocking.
What do you mean by .htaccess overloading? Probably that .htaccess files are not supported at all in your server config? The non-.htaccess-based mode, as I said above, is working completely independently of .htaccess, so yes, BFStop blocking can work without any server-side support for .htaccess! Summarizing, I hope I could answer some of your questions despite the language barrier; though I'm not sure I fully understood what your main point / question was? |
|
Hello, I can no longer use .htaccess blocking. I disabled the extension, I noticed the blocking rules are written for Apache2.2 I am interested in database blocking against front-end and back-end bruteforce. I would like to use BFStop in addition to Fail2ban, to block robots. Thanks for the link, I will read it. |
So far, so clear;
Thanks for reporting this, I have created an issue (see link above) to update the rule format.
What exactly is unclear? It should work "out of the box", and require no additional configuration. Is there some problem when you try it? Or are you trying to achieve some specific use case, such as only blocking the backend? |
|
@ZerooCool haven't heard back from you in a while, so I assume everything is clear? |
Bonjour,
Dans Paramètres avancés, quel chemin mettre pour renseigner le .htaccess ?
.htaccess path --> .htaccess ?
Ce message s'affiche :
You're either not using apache server, or the .htaccess file either does not exist, or it is not read- or writeable. Blocking via .htaccess will not work.
Si je laisse vide :
.htaccess path -->
La configuration est considérée comme valide.
Le mail de test m'est bien retourné.
Je ne constate aucun blocage lors des tests de connexion.
Je ne reçois aucun mail de connexion en erreur.
Je voudrais surtout utiliser le blocage en base de données, avec mariadb, je n'ai pas trouvé l'option a utiliser.
Pouvez vous m'aider à utiliser le plugin avec la base de données ?
Je ne voudrais pas utiliser /administrator/.htaccess qui a les droits 444 en temps normal.
J'ai passé les droits chmod en 666 pour autoriser l'écriture, pour tester le plugin.
Est-ce possible d'utiliser le plugin si la surcharge .htaccess n'est pas autorisée ?
Ma configuration du Virtualhost interdit la surcharge par .htaccess !
Me faut t'il ajouter un code manuellement dans le Virtualhost ?
Avez vous un exemple de fichier .htaccess ?
Merci
The text was updated successfully, but these errors were encountered: