Nooku Framework has problems with the Suhosin patch.

Posted: April 7, 2013 in .htaccess
[error] [client 192.168.3.2] ALERT - Include filename 
('tmpl:///var/www/joomla/components/com_foo/views/people/tmpl/default.php')
is an URL that is not allowed (attacker '192.168.3.2', 
file '/var/www/joomla/plugins/system/koowa/view/abstract.php', line 418)


To fix this add the following to your php.ini file if you are using suhosin :


   suhosin.executor.include.whitelist = tmpl://, file://


Remember that you likely need to add this to a php.ini file in your joomla root folder, and your /administrator/folder.
And some .ini users might need to also add session.save_path = /tmp

If the user can't use .ini configuration files, here's how to do it by .htaccess :


<IfModule mod_php.c> 
    php_value suhosin.executor.include.whitelist tmpl://, file:// 
</IfModule>

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s