EPrints Technical Mailing List Archive
See the EPrints wiki for instructions on how to join this mailing list and related information.
Message: #08242
< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First
Re: [EP-tech] Problem with eprints 3.4 file restricted
- To: Ajunk Pracetio <prazetyo@gmail.com>
- Subject: Re: [EP-tech] Problem with eprints 3.4 file restricted
- From: David R Newman <drn@ecs.soton.ac.uk>
- Date: Fri, 10 Jul 2020 11:26:55 +0100
Hi Agung Prasetyo W.,
Whilst the multiple versions of the same file are useful to allow local configuration to override core configuration, it can sometimes cause confusion like this. The GitHub issue refers to fixing the general issue so that when you create a new repository it will not suffer from this bug. Unfortunately, it does not help fix existing repositories. It was something that could not be accounted for when it was originally written many years ago, as it could not have been known that how Perl interacted with Apache would change in Apache 2.4 and therefore create this security bug.
Regards
David Newman
Hi,
After I search on my archives/repo_name/cfg/cfg.d/ directory and change the security.pl like you said, the file success can not be downloaded. I'm sorry for my miss perception that I read on github it says on defaultcfg/cfg/d/ directory.
Thank you very much David and Yuri all your help.
Best regards,Agung Prasetyo W.
On Fri, Jul 10, 2020 at 3:38 PM David R Newman <drn@ecs.soton.ac.uk> wrote:
Hi Agung Prasetyo Wibowo,
It does not look like the reason the file is accessible is due to caching and it does not sound like you have coversheets enabled which can cause some issues with file access. As I said in a previous email you can check that EPRINTS_PATH/archives/ARCHIVE_NAME/cfg/cfg.d/security.pl uses the correct method to lookup an IP address is
my $ip = $doc->repository->remote_ip();
(and not my $ip = $r->connection()->remote_ip();)
Beyond this, I think it is worth tailing you webserver log files whilst trying to download this file to see if you are getting any errors. On RedHat/CentOS/Fedora this would be something like:
tail -f /var/log/httpd/error_log /var/log/httpd/ssl_error_log
I am not sure if you have HTTPS enabled. If you don't then you need not include ssl_error_log in the command line above.
Regards
David Newman
On 10/07/2020 09:30, Ajunk Pracetio wrote:
Hi,
Is there any file that I must check to make my file can be restricted?
Please need your help.
Thank you
Best regards.Agung Prasetyo Wibowo
On Fri, Jul 10, 2020 at 9:13 AM Ajunk Pracetio via Eprints-tech <eprints-tech@ecs.soton.ac.uk> wrote:
Hi,
I already tried on other browser, but the file still can download.
*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-techOn Thu, Jul 9, 2020 at 3:39 PM Yuri via Eprints-tech <eprints-tech@ecs.soton.ac.uk> wrote:
Hi!
did you try with another browser? If it works, then If it was the same
browser, it is downloading from the cache even if you logout.
Il 09/07/20 09:59, Ajunk Pracetio via Eprints-tech ha scritto:
> Why is my eprints 3.4 when my document is restricted to user only, can
> still be downloaded.
>
> I have also read https://eur03.safelinks.protection.outlook.com/?url="">
> <https://eur03.safelinks.protection.outlook.com/?url="">>
> and configured the suggested files, but the files can still be downloaded.
>
> Please help.
>
> Regards,
> Agung Prasetyo W.
>
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> *** Archive: https://eur03.safelinks.protection.outlook.com/?url="">
> *** EPrints community wiki: https://eur03.safelinks.protection.outlook.com/?url="">
*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
*** Archive: http://www.eprints.org/tech.php/
*** EPrints community wiki: http://wiki.eprints.org/
*** Archive: http://www.eprints.org/tech.php/
*** EPrints community wiki: http://wiki.eprints.org/
- References:
- [EP-tech] Problem with eprints 3.4 file restricted
- From: Ajunk Pracetio <prazetyo@gmail.com>
- Re: [EP-tech] Problem with eprints 3.4 file restricted
- From: Yuri <yurj@alfa.it>
- Re: [EP-tech] Problem with eprints 3.4 file restricted
- From: Ajunk Pracetio <prazetyo@gmail.com>
- Re: [EP-tech] Problem with eprints 3.4 file restricted
- From: Ajunk Pracetio <prazetyo@gmail.com>
- Re: [EP-tech] Problem with eprints 3.4 file restricted
- From: Ajunk Pracetio <prazetyo@gmail.com>
- [EP-tech] Problem with eprints 3.4 file restricted
- Prev by Date: Re: [EP-tech] Problem with eprints 3.4 file restricted
- Next by Date: Re: [EP-tech] Problem with eprints 3.4 file restricted
- Previous by thread: [EP-tech] EPrints/CRIS
- Next by thread: [EP-tech] DOI handling in orcid_support_advance
- Index(es):