d53279a5f6
Fixed a typo, made a few sentences a bit nicer.
...
I fixed a typo (corruptibly -> corruptible), and added a few words to the sentences.
2019-01-29 18:46:26 +01:00
c637c98510
Fixed typo in csrf token hidden input field
2019-01-28 05:48:41 +01:00
4aa51f4371
Set default file manager path to /www/
2019-01-27 17:41:24 +01:00
9c5294e64e
Add csrf tokens to all sensitive forms
2019-01-27 17:41:02 +01:00
cf83b9901a
Merge pull request #42 from NoahvdAa/patch-3
...
Added CSRF protection to file manager.
2019-01-27 16:22:20 +01:00
7da6b8feed
Install PHPMyAdmin locally as distributions ship outdated version
2019-01-26 16:48:38 +01:00
6fc7ba7dae
Merge pull request #1 from NoahvdAa/patch-4
...
Added CSRF protection to file manager.
2019-01-23 17:50:12 +01:00
769a05b682
Added CSRF protection to file manager.
2019-01-23 17:48:54 +01:00
bc4a8a4d7c
Adding CSRF to file manager
2019-01-23 17:44:04 +01:00
7f7b228df6
Fixed a small typo
...
"Here a list of 588 public hosted sites (172 sites hidden):" -> "Here is a list of 588 public hosted sites (172 sites hidden):"
2019-01-18 18:54:46 +01:00
5eab397200
Randomise DB (user)names to reduce attack surface + allow multiple DBs per user
2019-01-07 22:26:33 +01:00
c46a2584fa
Add shell access and scp support
2019-01-06 18:20:02 +01:00
c306ea2518
Check-All checkmark fix
...
Check-All checkmark now only appears when javascript is enabled.
2019-01-04 14:19:04 +01:00
cdd2b5b9be
Added the "select all" option to the file manager.
...
#13
2019-01-04 14:16:51 +01:00
ae2aa16f76
Fixed a typo
2019-01-04 09:57:00 +01:00
6b6efc2fc6
Logs are stored outside chroot - don't check existence and let nginx handle it
2019-01-01 13:54:36 +01:00
55bc8cd757
Introduce mysqld socket stream forwarding with nginx for chroot jails
2019-01-01 13:47:30 +01:00
0f38bd2449
Improved privilege separation
2019-01-01 02:24:22 +01:00
5cd13e9269
Introduced selection between v2, v3 and custom hidden service
2018-12-06 16:24:35 +01:00
305c8bc0c3
Fix mariadb 10.3 compatibility by adding default values
2018-12-05 22:19:46 +01:00
c9cddc9f86
Username should be a prepared variable
2018-12-04 21:27:35 +01:00
0fc4412404
Revert " Disabling emulated parameters"
2018-12-04 21:10:36 +01:00
ba71455ca5
Introduce DEFAULT_PHP_VERSION
2018-12-04 20:48:08 +01:00
cf8a6cde80
emulated params
2018-11-28 14:30:36 +00:00
1fc180752f
emulated params
2018-11-28 14:30:22 +00:00
4475e3b277
emulated params
2018-11-28 14:30:05 +00:00
6ffd291f12
emulated params
2018-11-28 14:29:46 +00:00
79774b5a1d
emualted params
2018-11-28 14:29:27 +00:00
b46d0c7ab0
emulated params
2018-11-28 14:29:13 +00:00
01af3c367d
emulated params
2018-11-28 14:28:49 +00:00
7ab640ea4b
emulated params
2018-11-28 14:28:36 +00:00
5753ca2cee
Disabling emulated parameters
...
Emulated parameters can be vulnerable to SQL injection.
Take also a look here: https://stackoverflow.com/questions/134099/are-pdo-prepared-statements-sufficient-to-prevent-sql-injection
2018-11-28 14:26:55 +00:00
36fc7103cb
Add hidden service v3 keygen and parser for base64 encoded secret keys
2018-11-25 14:36:28 +01:00
b69293ab6d
Dynamic supported versions on frontpage
2018-10-28 09:01:31 +01:00
58b5efb96c
Added suspend hidden service feature + disabled php7.0 for new accounts
2018-10-28 08:48:30 +01:00
9985ba4864
Add PHP7.3 support and let setup.php write initial config files
2018-10-24 19:59:02 +02:00
d5d7078776
Allow editing hidden service options
2018-10-22 21:45:08 +02:00
d9e496930d
Add HiddenServiceMaxStreams option and service_instances table
2018-10-20 20:44:10 +02:00
2cee59dc6f
Structure changes for future features
2018-10-20 18:20:27 +02:00
1f2ff2176b
Save DB information in separate table
2018-10-17 21:50:20 +02:00
6eb068222c
Refactor DB foreign keys to auto_incrementing id instead of onion
...
Allows moving domains into separate table at a later stage
2018-10-16 21:09:16 +02:00
81c2364b7b
Better load distribution on multiple relays
2018-09-23 20:09:04 +02:00
acc8782043
Add privacy policy checkbox (required by GDPR)
2018-09-10 19:30:12 +02:00
9eb5c2ae3c
Show error message on login when account has not yet been created
2018-03-03 19:22:57 +01:00
47b9b6e3a6
Fixed db query
2018-02-26 16:37:35 +01:00
e8f8f42a24
Fix db query
2018-02-25 21:53:00 +01:00
6b0759be73
Added admin panel + optional manual approval for new sites
2018-02-25 21:25:05 +01:00
fa24bb61ec
Added PHP 7.2 support + minor bugfixes and performance tweaks
...
Note when applying this update you will have to update existing nginx vhosts to match new listening addresses (IPv6). Preferably you should update them to unix socket though and apply the changes to the tor hidden service config as well
2018-02-10 22:10:07 +01:00
c65055a9bb
Set mysql host to % instead of localhost to allow connections to 127.0.0.1
...
Note, for updating an existing database, you should run the following:
UPDATE mysql.user SET host='%'; FLUSH PRIVILEGES;
2017-12-21 20:26:24 +01:00
a9fd1b658c
Use X-Accel-Redirect in log.php output
2017-12-03 12:48:37 +01:00
