Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
BETA RELEASE v3.3.2 b3
#1
Information 
Version 3.3.2 beta release

http://get-simple.info/download
http://get-simple.info/start/changelog/

Major things that could break.

.htaccess files are updated for compatibility with apache 2.4, need testing on apache 2.2 through 2.4 to ensure full compatibility and no critical 500 errors, and proper denial of data access to xml files.

Also some new stuff added to main htaccess.

More fixes for cke toolbar handling, improved parsing and error handling.
Several user reported bugs are fixed, so they should be tested as well.

some security filtering added to some settings

gsusecustomsalt is now always used, so changing it needs to be done when logged in and passwords resaved, used to only be applied on install using authorizaton.xml random salt.

See changelog for full details.
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply
#2
Anyone test this yet ?
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply
#3
i'm using it with NGINX (so i can't tell about modified .htaccess) without issues.
Reply
#4
Does that mean you tested it otherwise?

Also how about we get a generic nginx config up on github already. Hows that thread going ?
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply
#5
If I update and go to the normal page, I get the following message:

Quote:This page is temporarily unavailable

I know I have to go to the admin page first to update, but maybe the message can be a bit more descriptive?
Reply
#6
I have it running on production server (Apache 2.4.9) for some time now (having backups ready anytime) without any problems so far.

(2014-04-17, 23:56:14)shawn_a Wrote: How about we get a generic nginx config up on github already?
What do you mean by that? Would I have to make a commit or something? I can't grasp how github is working, I don't understand it :/ I can post here a generic nginx setup that I've been using for every GS installation and some good willed soul can add it to github (whatever that requires).

Here's a generic nginx config for GetSimpleCMS. It contains the enlightened knowledge from posts found on this forum combined with best practices recommended by nginx gurus.
Code:
server {
    server_name    **SERVER NAMES (SPACE SEPARATED) GO HERE**;
    root        **ROOT OF YOUR WEB PAGE**;
    
    access_log    **PATH TO ACCESS LOG FILE**;
    error_log    **PATH TO ERROR LOG FILE**;

    index        index.php index.html index.htm;

    #Specify a charset
    charset        utf-8;

    # Custom 404 page
    # error_page    404 /404.html;

    # Block direct access to the XML files (except sitemap.xml)
    location ~* \.xml$ {
        deny all;
    }
    location ~* \.xml\.bak$    {
        deny all;
    }
    location = /sitemap.xml    {
        allow all;
    }

    # Block direct access to hidden files
    location ~ /\. {
        deny all;
    }

    # Prevent execution of php from uploads folder
    location ~* /uploads/.+\.php$ {
        deny all;
    }

    # Generic location. Rewrite works with and without pretty urls.
    location / {
        rewrite /?([A-Za-z0-9_-]+)/?$ /index.php?id=$1&$2 last;
    }

    # Handle special "admin" url.
    location /admin {
        try_files    $uri    $uri/    /admin/index.php?id=$uri&$args;
    }

    # Handle php files.
    location ~* \.php$ {
    
        # Prevent running php code from purposefully malformed urls.
        # Comment out the line below if your fastcgi handler doesn't reside on the same server
        try_files $uri =404;

        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_split_path_info ^(.+\.php)(.*)$;
        include fastcgi.conf;
    }
}
Reply
#7
There is a Nginx thread but too much info and no single config has arisen.
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply
#8
Do you possibly have this thread in mind? If yes, then like I wrote, the "problem" with nginx is that it can be configured in many ways and approaches which may fit better some environments or other. One just can't simply take "the best" config, cuz' there ain't one.

However if we are talking about a generic configuration that can be used as a universal starting point for every GS installation (rewrites compatible with pretty urls) and at the same covers the user security-wise (no PHP running from upload, disabled direct access to xmls), then the config I provided will do nicely.

And if someone wants to have a full blown config with caching directives and whatnot, then marrco's config can help, tho I'd stay away from using IFs in location blocks.
Reply
#9
Ok I will take a look then, I personally do not currently have an nginx install, so do not fiddle with it much.
Here is the repo information for where I will probably put this.
https://github.com/GetSimpleCMS/GetSimpleCMS/wiki/repos
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply
#10
for downloading lots of files top menu funny bounces
Reply
#11
Downloading files?
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply
#12
http://www.youtube.com/watch?v=z0bDTPWFA6k
Reply
#13
(2014-04-25, 17:14:30)Oleg06 Wrote: http://www.youtube.com/watch?v=z0bDTPWFA6k

Uploading files.

I tested this, but in my case this bumping doesn't happen. I think it happens because the words in Russion are larger and/or the amount of menu-tabs added (by plugins).

Maybe something should change in the theme, so this is not possible.


Btw. in support section I can't see which beta version of GS I use (1, 2, or 3, in this case). Can that be added?
Reply
#14
(2014-04-25, 19:06:08)datiswous Wrote: I tested this, but in my case this bumping doesn't happen. I think it happens because the words in Russion are larger and/or the amount of menu-tabs added (by plugins).
yes, after disconnecting a pair of plugins no longer jump Smile
I tested a lot of plugins, all works http://www.without-db.ru/demo/11/
Send Anonymous Data
Calendar
debugmode
Mp3 Player Ultimate
DynPages
FAQ
Feedback Lite
GST SuperSlideshows
Mass Mail
Guestbook
I18N Base
I18N Custom Fields
I18N Gallery
I18N
I18N Search
I18N Search for News Manager Posts
I18N Special Pages
Innovation Theme Plugin
kt block login
Links Manager
MetaRobots
nanoGALLERY4GS
nanoSlider
Create Post shortcut (News Manager)
News Manager 2.4.5
News Manager Addons
News Manager Title
p01-contact
Pagify
PRemover Removes paragraphs
SCSS Easy
social_share_buttons_3-css.php
Multi User
Front-End User Login Enhanced
-----------------------------------------------
nothing more I do not know Smile
Reply
#15
hmm, is this a new problem related to beta or just in general?
css probably does not handle all those extra tabs properly.
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply
#16
only beta, in 3.3.1 works fine
I uncommented line 49 in file gsconfig.php
Code:
define('GSEDITORHEIGHT', '400');
because the editor was flattened
Reply
#17
Is this another separate issue you are reporting ? Its just mushed in there, i am not sure what you are saying.
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply
#18
I checked, it is not reflected on the problem described above

(2014-04-26, 05:08:42)Oleg06 Wrote: only beta, in 3.3.1 works fine
I uncommented line 49 in file gsconfig.php
Code:
define('GSEDITORHEIGHT', '400');
because the editor was flattened
http://www.youtube.com/watch?v=z0bDTPWFA6k
appeared, it is present in the GS 3.3.1 Smile
Reply
#19
(2014-04-21, 19:24:26)Everyone Wrote: And if someone wants to have a full blown config with caching directives and whatnot, then marrco's config can help, tho I'd stay away from using IFs in location blocks.

Damn, you're absolutely right. I can't remember why I used that 'if' construct, and only for the 403 error. Probably no reason at all, just a mistake. Thanks for pointing that out.

But the important point is that before creating an official wiki entry i'd like someone to double check and validate the config (basic and advanced). An error (ie. caching an admin page) on the default config could really create a security nightmare.

I use also a few more special config, one just for NGINX as a proxy, and an advanced one with rate limiting, hotlink protection and a some additional tweakings. If someone (Everyone?) is willing to help we could try to give the GetSimple project some great (and tested!) nginx config.
Reply
#20
Sure, I've got windows and *nix servers running nginx. I can probably test out any of your custom configs. Just PM me and we can work something out.
Reply
#21
soo is this release worthy ?
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply
#22
I made a report of an issue in a new admin-theme plugin. Some things seem to have changed in the admin template files in the beta.
See here: http://get-simple.info/forums/showthread...2#pid45122
Maybe there's some info on what's causing it?
Reply
#23
Tested and all looks good...
My Github Repos: Github
Website: DigiMute
Reply
#24
This seems to be just a Chrome thing. Don't know if it even is a GS issue.

On the Settings page one of the password boxes is always autofilled and the other not, so whatever you do or don't do on the page when you hit SAVE you always get the message "Passwords do not Match".

3.3.1. and 3.3.2
Reply
#25
Yeah I noticed that recently

I will see if we can maybe add something to that field so it does not think the user and password fields are a login form.

I think chrome decided to stop respecting autocomplete="off" or perhaps its a new bug.

All you have to do is remove the fields contents to save of course.

EDIT
known issue
https://code.google.com/p/chromium/issue...?id=352347
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply




Users browsing this thread: 1 Guest(s)