Step for making LimeSurvey 2 more secure (as with 1.92+ and earlier)

More
4 years 11 months ago #85528 by tfj
tfj created the topic: Step for making LimeSurvey 2 more secure (as with 1.92+ and earlier)
In LimeSurvey 1.92+ and earlier, I have been able to modify the following line in my config.php file to add an extra level of security:

<?php include("/home/hostfolder/safedata/configreal.php"); ?>

As many of you already know, this is in the documentation for 1.92+ and earlier versions under the heading "Other security issues." This enables me to move our config.php file to a non-web location, thus keeping our database password, etc. reasonably out of reach of prying eyes.

I have been searching the documentation and forum for the equivalent to work with LimeSurvey 2.

Could someone please point me in the right direction? I would like to be able to figure this out by the time the stable version of LimeSurvey 2 comes out.

Thanks!

tfj

Please Log in to join the conversation.

More
4 years 11 months ago - 4 years 11 months ago #85540 by DenisChenu
DenisChenu replied the topic: Step for making LimeSurvey 2 more secure (as with 1.92+ and earlier)
Hello,

I think you can do this in
application/config/config.php

Denis
PS and use an include_once

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand (or search sondages pro).
An error happen ? Before make a new topic : remind the Debug mode .
Last Edit: 4 years 11 months ago by DenisChenu.

Please Log in to join the conversation.

More
4 years 11 months ago #85613 by tfj
tfj replied the topic: Step for making LimeSurvey 2 more secure (as with 1.92+ and earlier)
Denis:

Thank you for your response. I tried the include_once and went through many trials-and-errors in trying to figure out what lines to change in the "configreal" file. Occasionally, I get an error indicating a syntax problem in the file. After many other attempts, I get simply a blank screen.

I'm guessing that the 'basepath' and the 'runTimePath' lines need to be changed, which is where I have been devoting my efforts. I was determined to figure this out on my own and then post the solution to the forum, but I am stuck.

I've always been able to use this technique in 1.92+ and earlier.

I have not been able to find this in the documentation, so if someone could point me in the right direction, I would appreciate it!

Thanks!

tfj

Please Log in to join the conversation.

More
4 years 11 months ago - 4 years 11 months ago #85616 by DenisChenu
DenisChenu replied the topic: Step for making LimeSurvey 2 more secure (as with 1.92+ and earlier)
Myabe you can do something with Yii:
www.yiiframework.com/155/the-directory-s...ii-project-site/#hh2

I don't look further but i think it's a starting method.

Denis
PS : you have in index.php:
$aSettings= include(APPPATH.'config'.DIRECTORY_SEPARATOR.'config.php');

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand (or search sondages pro).
An error happen ? Before make a new topic : remind the Debug mode .
Last Edit: 4 years 11 months ago by DenisChenu.

Please Log in to join the conversation.

More
4 years 11 months ago #85618 by tfj
tfj replied the topic: Step for making LimeSurvey 2 more secure (as with 1.92+ and earlier)
Thanks, Denis. I'll keep digging. I am not yet familiar with Yii, so while I am digging, I am still asking for help/direction from anyone.

Thanks!

tfj

Please Log in to join the conversation.

Did you already participate in our customer survey?

Don't miss your chance for great prices.

Please click here to participate:

Start now

Start now!

Just create your account and start using Limesurvey today.

Register now