• Hello Fabrik Community

    Fabrik is now in the hands of the development team that brought you Fabrik for Joomla 4. We have recently transitioned the Fabrik site over to a new server and are busy trying to clean it up. We have upgraded the site to Joomla 4 and are running the latest version of Fabrik 4. We have also upgraded the Xenforo forum software to the latest version. Many of the widgets you might have been used to on the forum are no longer operational, many abandoned by the developers. We hope to bring back some of the important ones as we have time.

    Exciting times to be sure.

    The Fabrik 4.0 Official release is now available. In addition, the Fabrik codebase is now available in a public repository. See the notices about these in the announcements section

    We wish to shout out a very big Thank You to all of you who have made donations. They have really helped. But we can always use more...wink..wink..

    Also a big Thank You to those of you who have been assisting others in the forum. This takes a very big burden off of us as we work on bugs, the website and the future of Fabrik.

AdminTools

  • Views Views: 6,530
  • Last updated Last updated:
  • AdminTools from akeebabackup.com is a security component.

    .htaccess Maker​

    With the default settings (Frontend protection=Yes) .htaccess Maker in AdminTools is preventing any access to .php from "outside" Joomla, to images files outside specific directories etc.

    Fabrik needs access to
    list/form/details template_css.php and custom_css.php​
    Solution:
    add in the "Exceptions" section, in the box "Allow direct access, including .php files, to these directories" the paths to the Fabrik templates:

    components/com_fabrik/views/form/tmpl
    components/com_fabrik/views/list/tmpl

    You can add the "details" also if you use them.
    if you want to be very strict with security, you can specify the template:

    components/com_fabrik/views/form/tmpl/Bootstrap

    or be looser and just give access to all views:

    components/com_fabrik/views
    image files in cache/com_fabrik/staticmaps​
    Solution: add directory to
    Fine tuning: Front-end directories where file type exceptions are allowed
    plugins/fabrik_element/captcha/image.php (at the time of writing: June 2015, Fabrik3.2.1)​
    Solution: add file to
    Exeptions: Allow direct access to these files

    Web Application Firewall/Configure WAF​

    Visual Fingerprinting Protection​
    If you set "Block tmpl=foo" to YES you must add "Bootstrap" to the "List of allowed tmpl= keywords"

    Joomla! Feature Hardening Options
    Warn about self XSS =no (seems to be necessary for running PDF output; versions Feb 2018)


    In any case, after enabling AdminTools, always check the different types of pages with Firebug/Console to spot the 403 errors and make the appropriate corrections in the Exceptions and Fine Tuning
Back
Top