Security centre questions :: Zikula Community

Get Zikula 1.3.3!New core, modules & more

Quick Links

Donate Today!Support your Software

Documentationlearn, share & develop

Watch

GitHub Core

Show your support for Zikula! Sign up at Github account and watch the Core project!

GitHub Modules

Forum Activity

rgasch created topic »Using PageUtil::addVar() to load script code« 11:48 AM
michiel responded to »password problem« 10:01 AM
mazdev responded to »Hide "Register new account" and change template to 3 col« 07:50 AM
mesteele101 created topic »Zikula 1.3.3 - Site Search 1.5.2 - Unable to turn off plug-ins« 07:48 AM
mesteele101 responded to »ERR (3): E_USER_ERROR: Smarty error: [in pagesvar:pagesitem2en line XXX]…« 25. May
mazdev responded to »Pages 2.5.0 and updating - Page not found« 25. May
mesteele101 responded to »Zikula 1.3.3 - Selecting a category in Pages not working« 25. May

» Visit forum | » View latest posts

Zikula Blog

Anatomy of Open Source Projects on Mar 07
Continuous Review on Mar 01
Not Invented Here on Feb 24
How to Contribute Your Code at Github on Jan 13
10 Steps to Coding-Nirvana: Tips for Successful Module Writing on Nov 12
Submitting Bug Report Tickets That Get Results on Aug 17
Cozi Tricks #1: Syntax Highlighting on Aug 07

Security centre questions

Print topic

damon

Rank: Softmore

Registered: Dec 31, 1969

Last visit: May 25, 2010

Posts: 326
Posted: Feb 08, 2010 - 11:24 AM

There are parts of the Security centre settings that I'm not clear on.

...General Settings (no problem)
...Automatic Update (clear as a bell)

.
Host Settings

Quote
Time limit for authorisation keys ('authkeys') in seconds (default: 0)

Does 0 equal "no expiration"? What is the effect of using other numbers of seconds.

Quote
Bind authkey to user agent ('UserAgent')

Answers are yes/no, but what is the effect on Zikula when either is chosen?

.
Session settings
What are the effects of the settings for these items? I have a general idea but don't really understand the real world affect on users when different settings are chosen.

Quote
Garbage collection probability

Quote
Use sessions for anonymous guests

Quote
Periodically regenerate session ID

Quote
Regenerate session ID during log-in and log-out

Quote
Regeneration probability

.
HTTP variable cleansing
What exactly does the word "Sanitise" mean in this context?

.
Output filter settings
What is the difference between "Internal output filter" and "SafeHTML"? And what exactly does each do to the content of the site?

.
AntiHacker
On a Zikula 1.21 site I'm getting an email from antihacker every time I edit a pages page or a content item, even when logged in as Admin. Does AntiHacker have settings or whitelist?

Thanks, probably a lot of dumb questions but someone had to ask.

--
Damon
Catamaran Sailing at TheBeachcats.com