cf8a6cde80
emulated params
2018-11-28 14:30:36 +00:00
1fc180752f
emulated params
2018-11-28 14:30:22 +00:00
4475e3b277
emulated params
2018-11-28 14:30:05 +00:00
6ffd291f12
emulated params
2018-11-28 14:29:46 +00:00
79774b5a1d
emualted params
2018-11-28 14:29:27 +00:00
b46d0c7ab0
emulated params
2018-11-28 14:29:13 +00:00
01af3c367d
emulated params
2018-11-28 14:28:49 +00:00
7ab640ea4b
emulated params
2018-11-28 14:28:36 +00:00
5753ca2cee
Disabling emulated parameters
...
Emulated parameters can be vulnerable to SQL injection.
Take also a look here: https://stackoverflow.com/questions/134099/are-pdo-prepared-statements-sufficient-to-prevent-sql-injection
2018-11-28 14:26:55 +00:00
36fc7103cb
Add hidden service v3 keygen and parser for base64 encoded secret keys
2018-11-25 14:36:28 +01:00
f0afbe14c9
Add sodium_compat composer dependency for v3 hidden_services
2018-11-24 14:56:24 +01:00
9de11a9722
Dropped PHP7.1 support and install composer
2018-11-24 10:38:59 +01:00
41b33f2c51
Drop PHP7.0 support
2018-11-18 20:50:35 +01:00
db626a54a4
disable imap_open because of https://github.com/Bo0oM/PHP_imap_open_exploit
2018-11-17 10:15:15 +01:00
bb21f9f10b
Reload disabled php versions since accounts can still be deleted
2018-10-28 09:31:00 +01:00
b69293ab6d
Dynamic supported versions on frontpage
2018-10-28 09:01:31 +01:00
58b5efb96c
Added suspend hidden service feature + disabled php7.0 for new accounts
2018-10-28 08:48:30 +01:00
1884f4b08b
php is .ini not .conf
2018-10-26 19:14:29 +02:00
9985ba4864
Add PHP7.3 support and let setup.php write initial config files
2018-10-24 19:59:02 +02:00
d5d7078776
Allow editing hidden service options
2018-10-22 21:45:08 +02:00
cfb19915b5
Optimized find query to only search within each users tmp directory
2018-10-20 21:08:44 +02:00
d9e496930d
Add HiddenServiceMaxStreams option and service_instances table
2018-10-20 20:44:10 +02:00
2cee59dc6f
Structure changes for future features
2018-10-20 18:20:27 +02:00
96efd92ab1
bump dbversion
2018-10-17 21:51:20 +02:00
1f2ff2176b
Save DB information in separate table
2018-10-17 21:50:20 +02:00
6eb068222c
Refactor DB foreign keys to auto_incrementing id instead of onion
...
Allows moving domains into separate table at a later stage
2018-10-16 21:09:16 +02:00
81c2364b7b
Better load distribution on multiple relays
2018-09-23 20:09:04 +02:00
acc8782043
Add privacy policy checkbox (required by GDPR)
2018-09-10 19:30:12 +02:00
1d157473e6
Move account folder creation into cron.php
2018-07-14 10:41:44 +02:00
dda49153b3
Buffer access log writes to reduce IO
2018-05-13 09:04:12 +02:00
300cd647df
Increase limits and add putenv to disabled functions (vulerability)
...
Potential security vulnerability:
<?php
putenv("LD_PRELOAD=/home/site.onion/libtest.so");
mail("test@localhost","hacked","you");
2018-04-22 09:11:43 +02:00
e6ac79457f
We have proper firewalling, fsockopen no longer needs to be disabled
2018-03-11 20:26:19 +01:00
7bd2e79f06
Separate nginx sockets for each site to make hoster identification harder
2018-03-08 20:57:42 +01:00
9eb5c2ae3c
Show error message on login when account has not yet been created
2018-03-03 19:22:57 +01:00
47b9b6e3a6
Fixed db query
2018-02-26 16:37:35 +01:00
e8f8f42a24
Fix db query
2018-02-25 21:53:00 +01:00
463be89b09
bumped database layout version
2018-02-25 21:47:29 +01:00
6b0759be73
Added admin panel + optional manual approval for new sites
2018-02-25 21:25:05 +01:00
fa24bb61ec
Added PHP 7.2 support + minor bugfixes and performance tweaks
...
Note when applying this update you will have to update existing nginx vhosts to match new listening addresses (IPv6). Preferably you should update them to unix socket though and apply the changes to the tor hidden service config as well
2018-02-10 22:10:07 +01:00
c65055a9bb
Set mysql host to % instead of localhost to allow connections to 127.0.0.1
...
Note, for updating an existing database, you should run the following:
UPDATE mysql.user SET host='%'; FLUSH PRIVILEGES;
2017-12-21 20:26:24 +01:00
a9fd1b658c
Use X-Accel-Redirect in log.php output
2017-12-03 12:48:37 +01:00
99ccbdccfe
Updated tutorial for Ubuntu 16.04 LTS compatibility
2017-11-05 10:43:44 +01:00
e8dd2b864e
Sort disable_functions and added a few system info revealing posix_* functions
2017-09-03 18:25:13 +02:00
20754f052f
Update frontpage and FAQ texts
2017-09-03 14:15:55 +02:00
6384f4929a
Added text editor to FileManager
2017-09-03 11:09:07 +02:00
8801d3ae0c
Increase PHP memory limit to 256M
2017-09-02 08:49:36 +02:00
6c6b6a689d
Protect from zip-bombs
2017-08-07 21:15:13 +02:00
06dce903dc
cleanup tmp file
2017-08-07 21:05:58 +02:00
5244f89340
Make file upload multiupload
2017-08-06 17:10:19 +02:00
f549f6ddfb
Added web based FileManager
2017-08-06 15:35:47 +02:00
