Hi,The FPA would be useful. See the red box at the top of the forum,read docs first.
I have managed to gain access to the back-end. And there are several post installation messages that display errors. I have also read online that one should be able to manage extentions through PHPMyAdmin. But I do not see a "jos_extentions" table on the database.
These are the following messages I get on the admin panel.
COM_ADMIN_POSTINSTALL_MSG_HTACCESS_BROTLI_TITLE
Since version 4.4.4
COM_ADMIN_POSTINSTALL_MSG_HTACCESS_BROTLI_DESCRIPTION Hide this message
COM_ADMIN_POSTINSTALL_MSG_HTACCESS_SETCE_TITLE
Since version 4.2.9
COM_ADMIN_POSTINSTALL_MSG_HTACCESS_SETCE_DESCRIPTION Hide this message
COM_USERS_POSTINSTALL_MULTIFACTORAUTH_TITLE
Since version 4.2.0
COM_USERS_POSTINSTALL_MULTIFACTORAUTH_BODY COM_USERS_POSTINSTALL_MULTIFACTORAUTH_ACTION Hide this message
PLG_SYSTEM_HTTPHEADERS_POSTINSTALL_INTRODUCTION_TITLE
Since version 4.0.0
PLG_SYSTEM_HTTPHEADERS_POSTINSTALL_INTRODUCTION_BODY PLG_SYSTEM_HTTPHEADERS_POSTINSTALL_INTRODUCTION_ACTION Hide this message
.htaccess Update Concerning Directory Listings
Since version 3.9.22
Before 3.9.22 the default htaccess.txt file contained erroneous code meant for disabling directory listings. The security team recommends to manually apply the necessary changes to any existing .htaccess file, as this file can not be updated automatically.
The old code:
<IfModule autoindex>
IndexIgnore *
</IfModule>
The new code:
<IfModule mod_autoindex.c>
IndexIgnore *
</IfModule>
Hide this message
Additional XSS protection for the usage of SVG files
Since version 3.9.21
Since 3.9.21 Joomla is shipped with an additional security rule in the default htaccess.txt. This rule will protect users of svg files from potential Cross-Site-Scripting (XSS) vulnerabilities.
The security team recommends to manually apply the necessary changes to any existing .htaccess file, as this file can not be updated automatically.
Changes for .htaccess
<FilesMatch "\.svg$">
<IfModule mod_headers.c>
Header always set Content-Security-Policy "script-src 'none'"
</IfModule>
</FilesMatch>
Currently we are not aware of a method to conditionally configure this on IIS web servers, please contact your hosting provider for further assistance.
Hide this message
Updated Text Filter Recommendations
Since version 3.9.19
As part of our security team's review, we have made some changes to the default settings for the global text filters in a new Joomla installation. The default setting for the 'Public', 'Guest' and 'Registered' groups is now 'No HTML'. As these changes are only applied to new installations, we strongly recommend that you review these changes and update your site from: System -> Global Configuration -> Text Filters
I hope you can help me from here, and I am eager to learn about Joomla.
Regards
Statistics: Posted by adriaanorg — Tue Dec 03, 2024 9:40 pm