Difference between revisions of "Draft:Config.php"
m (Created page with '===Section marked "DO NOT CHANGE ANYTHING BELOW THIS LINE UNLESS YOU REALLY KNOW WHAT YOU ARE DOING"=== We strongly recommend you do not change any configuration settings that g…') |
m (→Section marked "DO NOT CHANGE ANYTHING BELOW THIS LINE UNLESS YOU REALLY KNOW WHAT YOU ARE DOING") |
||
Line 42: | Line 42: | ||
define('MEMCACHE_SERVER_ADDRESS', 'localhost'); | define('MEMCACHE_SERVER_ADDRESS', 'localhost'); | ||
define('MEMCACHE_SERVER_PORT', 11211); | define('MEMCACHE_SERVER_PORT', 11211); | ||
+ | </pre> | ||
+ | <pre> | ||
abstract class XCSecurity { //{{{ | abstract class XCSecurity { //{{{ | ||
</pre> | </pre> | ||
+ | ===Protection method for SQL/Security and file changes from the Admin area=== | ||
<pre> | <pre> | ||
const PROTECT_DB_AND_PATCHES = 'ip'; | const PROTECT_DB_AND_PATCHES = 'ip'; | ||
</pre> | </pre> | ||
− | |||
<pre> | <pre> | ||
const PROTECT_ESD_AND_TEMPLATES = 'ip'; | const PROTECT_ESD_AND_TEMPLATES = 'ip'; | ||
</pre> | </pre> | ||
+ | The above two constants allow you to define the protection method for SQL/Security and file changes from the Admin area. | ||
+ | The possible values for these constants are: | ||
+ | * 'ip': Access to the protected pages will be allowed only from specific IP addresses. | ||
+ | * 'file': Access to the protected pages will be allowed only after creating a special file in the <u>var/tmp</u> folder. | ||
+ | The 'file' protection method provides stronger security. | ||
+ | You can disable the protection by setting the constants to FALSE; however, it is highly recommended to keep the protection enabled. | ||
<pre> | <pre> | ||
const PROTECT_XID_BY_IP = 'mask'; | const PROTECT_XID_BY_IP = 'mask'; | ||
</pre> | </pre> | ||
− | + | This constant defines whether the session id of admin user should be locked to the IP address from which this session originated. | |
+ | The possible values are: | ||
+ | * 'ip': Strongly recommended. Using this value provides the highest level of security. With this value, the session id of admin user will be locked to a specific IP address. | ||
+ | * 'mask': Using this value provides medium level of security. With this value the session id of admin user will be locked to the IP subnetwork including the IP address from which the admin session originated. | ||
+ | * FALSE: Not recommended. This value disables binding of admin user session id to his IP address. You may want to use this value if admin is going to work via two or more ISPs alternating all the time. | ||
+ | Note that, if the value of PROTECT_XID_BY_IP at your store is set to 'ip', in rare cases (namely, if your ISP changes your IP address too | ||
+ | often, like every few seconds) you may experience problems logging in to the Admin area. If this happens, consider switching to 'mask' or | ||
+ | disable binding of admin user session IDs to IP addresses altogether by setting the value of PROTECT_XID_BY_IP to FALSE. | ||
+ | |||
<pre> | <pre> | ||
const BLOCK_UNKNOWN_ADMIN_IP = FALSE; | const BLOCK_UNKNOWN_ADMIN_IP = FALSE; |
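Review bot: The added PROTECT_XID_BY_IP text calls 'ip' "Strongly recommended", yet the constant shown directly above it is const PROTECT_XID_BY_IP = 'mask'; and the text never says why the displayed value differs from the recommendation. State that 'mask' is the value shown here, so readers do not assume their store already uses the strictest binding. Two further gaps in the added lines: the 'mask' bullet does not say how wide the "IP subnetwork" is, and the 'ip' bullet for PROTECT_DB_AND_PATCHES and PROTECT_ESD_AND_TEMPLATES does not say where the "specific IP addresses" are defined. Each needs a sentence or a link.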
Revision as of 15:26, 21 January 2013
Section marked "DO NOT CHANGE ANYTHING BELOW THIS LINE UNLESS YOU REALLY KNOW WHAT YOU ARE DOING"
We strongly recommend you do not change any configuration settings that go below the line that says:
# DO NOT CHANGE ANYTHING BELOW THIS LINE UNLESS
# YOU REALLY KNOW WHAT ARE YOU DOING
Editing the settings below this line requires profound knowledge of X-Cart architecture. Tampering with these settings may cause considerable damage to your store.
Below are some notes on the contents of this section:
&&&&&
$x_time_threshold = 4;
$x_mem_threshold = 4194304;
&&&&&
$mysql_autorepair = true;
define('USE_DATA_CACHE', true);
This constant defines whether your store should use data caching or not. The two possible values for the USE_DATA_CACHE constant are 'true' and 'false'. By default the value is set to 'true'. It means that caching is enabled.
Changing the value to 'false' is reasonable only if you experience problems in using the store with caching enabled (e.g. if you keep getting error messages about the files in the /var/cache directory of your X-Cart installation).
&&&&&
define('DATA_CACHE_TTL', 24*3600);
define('USE_SQL_DATA_CACHE', false);
define('SQL_DATA_CACHE_TTL', 3600);
define('USE_MEMCACHE_DATA_CACHE', false);
define('MEMCACHE_SERVER_ADDRESS', 'localhost');
define('MEMCACHE_SERVER_PORT', 11211);
abstract class XCSecurity { //{{{
Protection method for SQL/Security and file changes from the Admin area
const PROTECT_DB_AND_PATCHES = 'ip';
const PROTECT_ESD_AND_TEMPLATES = 'ip';
The above two constants allow you to define the protection method for SQL/Security and file changes from the Admin area. The possible values for these constants are:
- 'ip': Access to the protected pages will be allowed only from specific IP addresses.
- 'file': Access to the protected pages will be allowed only after creating a special file in the var/tmp folder.
The 'file' protection method provides stronger security. You can disable the protection by setting the constants to FALSE; however, it is highly recommended to keep the protection enabled.
const PROTECT_XID_BY_IP = 'mask';
This constant defines whether the session ID of an admin user should be locked to the IP address from which the session originated. The possible values are:
- 'ip': Strongly recommended. Using this value provides the highest level of security. With this value, the session ID of an admin user is locked to a specific IP address.
- 'mask': Using this value provides a medium level of security. With this value, the session ID of an admin user is locked to the IP subnetwork that includes the IP address from which the admin session originated.
- FALSE: Not recommended. This value disables binding of the admin user's session ID to their IP address. You may want to use this value if the admin is going to work via two or more ISPs that alternate all the time.
Note that if the value of PROTECT_XID_BY_IP at your store is set to 'ip', in rare cases (namely, if your ISP changes your IP address too often, like every few seconds) you may experience problems logging in to the Admin area. If this happens, consider switching to 'mask' or disabling the binding of admin user session IDs to IP addresses altogether by setting the value of PROTECT_XID_BY_IP to FALSE.
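How the three PROTECT_XID_BY_IP values differ at request time, as an added example that is not X-Cart source code. The function name and the subnet widths (first 3 bytes for IPv4, first 8 bytes for IPv6) are assumptions, since this page does not say how wide the 'mask' subnetwork is.

```php
<?php
// Added illustration, not X-Cart code. xid_binding_allows() is a
// hypothetical helper; the /24 and /64 prefix widths are assumptions.

/**
 * Decide whether a request may keep using an existing admin session.
 *
 * @param string|false $mode      'ip', 'mask' or false (the PROTECT_XID_BY_IP values)
 * @param string       $originIp  address the session was created from
 * @param string       $currentIp address of the present request
 */
function xid_binding_allows($mode, string $originIp, string $currentIp): bool
{
    if ($mode === false) {
        return true;                       // binding disabled: any address passes
    }
    $a = @inet_pton($originIp);
    $b = @inet_pton($currentIp);
    // Fail closed on unparsable input or an IPv4/IPv6 family switch.
    if ($a === false || $b === false || strlen($a) !== strlen($b)) {
        return false;
    }
    if ($mode === 'ip') {
        return hash_equals($a, $b);        // exact address match required
    }
    if ($mode === 'mask') {
        $bytes = strlen($a) === 4 ? 3 : 8; // assumed /24 (IPv4) and /64 (IPv6)
        return substr($a, 0, $bytes) === substr($b, 0, $bytes);
    }
    return false;                          // unknown mode: fail closed
}

// Constructed sample: one session origin, three later request addresses
// (documentation ranges from RFC 5737).
$origin = '203.0.113.10';
foreach (['203.0.113.10', '203.0.113.77', '198.51.100.5'] as $now) {
    printf(
        "%-14s ip=%-5s mask=%-5s off=%s\n",
        $now,
        var_export(xid_binding_allows('ip', $origin, $now), true),
        var_export(xid_binding_allows('mask', $origin, $now), true),
        var_export(xid_binding_allows(false, $origin, $now), true)
    );
}
```

The middle sample address is the case the note above describes: an address change inside the same subnetwork ends the session under 'ip' but not under 'mask'.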
const BLOCK_UNKNOWN_ADMIN_IP = FALSE;
const ADMIN_ALLOWED_IP = '';
const FRAME_NOT_ALLOWED = FALSE;