holodyn Posted May 5, 2010 Share Posted May 5, 2010 This is a security update that will mask the output of the /pipe/pop.php script. Typically the pop.php script outputs a list of the support department pop servers and email addresses - which don't need to be displayed publicly. To hide that output this update uses an htaccess rewrite to forward pop.php requests to a script pop-safe.php, which runs pop.php, captures the output, and returns a truncated result containing just the date & total email count (which you may also want to hide). The included htaccess also has a rule for preventing access to the pipe.php and pipfunctions.php scripts. You will need to edit the htaccess file to uncomment this rule. Typical /pipe/pop.php results: POP Import Log Date: 05/05/2010 11:48:36 Host: mail.website.com Email: dept-address+website.com Email Count: 0 Output of /pipe/pop-safe.php stamp: Wed, 05 May 2010 16:50:37 GMT count: 0 ** This DOES NOT REPLACE any files ** To install - download attached ZIP file and place contents into the /pipe/ folder of your whmcs installation. WHMCS-POPSAFE-050510.zip 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.