Skip to content
View in the app

A better way to browse. Learn more.
Froxlor Forum

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Important bugfix release 0.9.33.2

d00p
in Announcements

Featured Replies

Dear Froxlor-community,
 
due to a severe security issue in the database logging system, we strongly recommend to update your current froxlor installation to 0.9.33.2. We also recommend to remove any content from the /froxlor/logs/ directory.

Download: 0.9.33.2

Note: Gentoo-ebuild and Debian packages are now available..

Visit http://www.froxlor.org or join our IRC channel #froxlor on irc.freenode.net.

Thank you,
d00p

Thank you very much for the quick fix! :-)

Hi

actually this fix is missing the removal of the compromised logfiles, otherwise it fixes future logging of passwords, but not the access to the logfile that has been compromised.

 

I ask you to add a proper .htaccess-block for the logs-directory _and_ remove the logfiles from there as they - if kept - are still a security-risk in the current release.

 

thx

hk

  • Author

Hi

actually this fix is missing the removal of the compromised logfiles, otherwise it fixes future logging of passwords, but not the access to the logfile that has been compromised.

 Sorry, as i was pushed to do a release it just got lost in the hurry...removing all .log files from the directory should do the job, alternatively just use the class.ConfigIO.php from Github (https://github.com/Froxlor/Froxlor/blob/0_9_34/lib/classes/webserver/class.ConfigIO.php)

Error for Debian squeezy after Apache restart.

 

Apache2 restart:

 

Syntax error on line 9 of
/etc/apache2/sites-enabled/10_froxlor_ipandport_xx.xx.xx.xx.80.conf:
Invalid command \'FastCgiExternalServer\', perhaps misspelled or defined by a module not included in the server configuration
Action \'configtest\' failed.
The Apache error log may have more information.
failed!

 

In the named .conf file on line 9:

 

FastCgiExternalServer
/var/www/php-fpm/froxlor.panel/vxxxxxxxxxxxxxxxxxxxxx.yourvserver.net/8296.fpm.external
-socket
/var/lib/apache2/fastcgi/froxlor.panel-vxxxxxxxxxxxxxxxxxxxxx.yourvserver.net-php-fpm.socket
-idle-timeout 30

 

What is going wrong here?

 

Thanks

bosmedien

Yes, for some reason the froxlor debian repository is completly missing the wheezy-repository...

https://debian.froxlor.org/dists/

  • Author

Error for Debian squeezy after Apache restart.

 

Apache2 restart:

 

In the named .conf file on line 9:

 

What is going wrong here?

 

Thanks

bosmedien

 

You sir have a completely other problem. Please open a new topic.

Error for Debian - wheezy

 

fixed, sorry about that.

Edit: works.

Works without any issues (Jessie). Thank you.

Create an account or sign in to comment
Go to topic listing

Account

Navigation

Search

Search

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.