cancel
Showing results for 
Search instead for 
Did you mean: 

[PAYH Feedback] directories, timestamps, perl modules and plesk shortcuts

jah
Grafter
Posts: 38
Thanks: 2
Registered: ‎09-06-2007

[PAYH Feedback] directories, timestamps, perl modules and plesk shortcuts

Hi!
I've been having great fun with the PAYH platform and thought I'd feedback a few things.
Firstly I'd like to say that my experience thus far has been largely painless and enjoyable (well actually I had a nightmare moving my Movable Type 4.23 installation from the ccgi platform, but that was down to the applications terrible backup/restore functionality - much db hacking required...) and I think it's a really easy-to-use platform.
Secondly, and do correct me if I'm wrong, there doesn't seem to be a directory into which I can place files which are readable/writable by php/perl, but not served by the web service.  I'm talking about a directory outside of httpdocs.  I can think of two reasons this would be a good idea:
1)  If an application allows content to be uploaded to the server, it's good (nay, best) practise to store that content in a directory such that the content cannot be accessed directly (after of course ensuring the filetype is in the whitelist and as well as renaming the content and storing it's path in a db to allow it's retrieval and subsequent viewing) (I'd like to provide you with a solid reference for this, but all I have is http://www.owasp.org/index.php/File_System#File_System)
2)  On a shared platform such as this it's a good idea to avoid using the default session.save_path if it's world readable to prevent other users hijacking sessions and having a directory outside of httpdocs would be a good idea to help prevent exposing session files to the web.
Next, are timestamps in the File Manager.  The Modification date currently shown is adequate, but the date and time would be much better.  A customisable set of columns displayed would be even better than that!  Then we can choose between just basic file stats or more full ones.  Otherwise, given that we don't have shell access, we'd have to ftp to get this info.
It would be nice to have an easy way to determine what perl modules are installed and maybe have some kind of poll for modules that people would like.  Movable Type requires the imagemagick perl module to provide CAPTCHA functionality and I'd like to request that the module be installed (whichever one works properly with the currently installed Image Magick).
And finally, because the Plesk UI is all frames, it's not really feasible to bookmark often visited sections - it's possible:
https://<host>:8443/?cmd=chdir&file=%2Fhttpdocs&previous_page=filemanager
is a shortcut to httpdocs in the filemanager, but this took some working out and it only works once you've selected a domain.
It would be helpful if we could add bookmarks to the sidebar.  I realise of course that this might involve long development hours for someone.
Thanks for listening.
1 REPLY 1
Gabe
Community Veteran
Posts: 767
Registered: ‎29-10-2008

Re: [PAYH Feedback] directories, timestamps, perl modules and plesk shortcuts

To deny web access to a folder within httpdocs, add
deny from all
to its .htaccess
One option: list-modules.pl gives a tidy list of Perl modules.
Gabe