chamilo-lms

Commit Graph

Author	SHA1	Message	Date
Yannick Warnier	055273bd24	Global: Set Apache redirect rules in .htaccess to defaults that work with most Apache >2.4.38-3.	8 months ago
Yannick Warnier	3439ff1d71	Documentation: Add precision bout the syntax for new RewriteRule with Apache > 2.4.38-3	9 months ago
Yannick Warnier	408cdb45e7	Security: Prevent directory indexing globally (no reason to enable it for web requests) - refs BT#22085	11 months ago
Yannick Warnier	1d91665244	Security: Prevent access to web.config on Apache servers (also documented in the installation guide for nginx) - refs BT#22085	11 months ago
Yannick Warnier	e864127a44	Security: Add redirect to .htaccess to avoid direct access to bigupload temporary upload directory	2 years ago
NicoDucou	cccb247265	System: Security: one more indication for a missing line on how to fix an apache problem present since version 2.4.38-3 with rediction of URL with spaces not working any more - refs BT#20674 and BT#20614	2 years ago
Angel Fernando Quiroz Campos	6f32625a01	System: Security: Add header rule to avoid MIME-sniffing	2 years ago
NicoDucou	d079f0b804	System: Security: indication on how to fix an apache since problem present since version 2.4.38-3 with rediction of URL with spaces not working any more - refs BT#20674 and BT#20614	2 years ago
Yannick Warnier	454f945fca	Internal: Remove .htaccess rule redirecting root literals like /[username] to users.php?[username]. This rule was introduced a very long time ago to emulate social networks. It is confusing and clearly not a very logical rule at the age of RGPD.	3 years ago
TheTomcat14	19863bbab3	Replace platform logo with course logo The update adds the possibility to upload a course logo with the same dimensions as the platform logo. The uploaded course logo can be applied to the header, email-template and pdf-export.	3 years ago
Yannick Warnier	37b205d258	Security: Add forbidden access to .yml and .yml.dist to .htaccess - refs BT#20295	3 years ago
Yannick Warnier	3a72cab99e	Web server: Add documentation about uncommenting optional SSL block in .htaccess	4 years ago
Nosolored SL	19e158041b	Force https Force SSL/https - Uncomment if you need it Resolving insecure site and mixed-content warnings	4 years ago
Julio	4c36bbc833	Add AcceptPathInfo Off in order to disable access to myfile.php/something	4 years ago
Julio Montoya	229302139e	Update .htaccess. disallow PHP inside web/	4 years ago
NicoDucou	3f31b70149	Admin - CAS : add QSA flag in redirect to keep CAS ticket in URL after redirection -refs BT#17887	5 years ago
Yannick Warnier	5f517f9752	Global: Remove conditional rules for mod security in .htaccess as they can break an installation under certain circumstances (SecRuleRemoveById not allowed in <If> context) - refs #3163	5 years ago
Yannick Warnier	047dbdfb9a	Security: Add ModSecurity exceptions in .htaccess against false positive XSS detection - refs #3163	5 years ago
Julio Montoya	52c77b30d0	Add "block_my_files_access" config see BT#15586 Block anon users in the upload / my_files folder	6 years ago
Julio	cb8c066648	Add app/courses/proxy.php add rule in .htaccess to allow that file BT#15402	7 years ago
Angel Fernando Quiroz Campos	08f7a9de32	Skills: Fix htaccess url for badge - refs BT#15374	7 years ago
Angel Fernando Quiroz Campos	3d85ebc651	Fix .htaccess rule + update installation guide #2707	7 years ago
Angel Fernando Quiroz Campos	675198f427	LTI set unique url and sourcedid for services - refs BT#13469	7 years ago
Yannick Warnier	5ad81abec2	Avoid checking image files in SCORM content to increase speed	7 years ago
Yannick Warnier	58cd97f581	Optimize loading of custom icons in courses - refs BT#14953	7 years ago
Angel Fernando Quiroz Campos	4767a90c9c	WIP LTI verify oauth signature in service - refs BT#13469	7 years ago
Yannick Warnier	2e554821b0	Add SCORM optimization for content with lots of JS/CSS by allowing direct access to JS and CSS files only	7 years ago
Yannick Warnier	385a84efe6	Security: Add app/Resources/public/css to the list of directories where execution of PHP is forbidden	7 years ago
Yannick Warnier	d5129ad7ed	Security: Update PHP files extension matching pattern in .htaccess and documentation to match all possible forms supported by PHP 5 and PHP 7.	7 years ago
Yannick Warnier	1c27a8b42a	Security: add rules to .htaccess to prevent direct PHP execution from the corresponding directories and updates security.html with a missing change in the previous commit. Using security.html is still the recommended way to go for security, but in the absence of that, we want to make sure Chamilo is always more secure.	7 years ago
Alex Aragón	dd3390a6b9	Adding page about the course refs - BT#7683	7 years ago
Yannick Warnier	d27f1c81df	Boost: Add simple caching rules for woff font files to avoid loading OpenSans at each request	8 years ago
Angel Fernando Quiroz Campos	0b2d088c9b	Fix conflict with RewriteRule for user.php - refs BT#12242	9 years ago
jmontoyaa	869ed502dc	Fix course image redirection see BT#12234	9 years ago
jmontoyaa	a189b0edc0	Add download_uploaded_files.php to process course/X/tool/upload/() Files inside course/X/tool/upload/() are process internally in order to get the correct file location (vchamilo).	9 years ago
José Loguercio	073df113a1	Added Service Catalog and Reports Handler - Refs BT#12077	9 years ago
jmontoyaa	0ab3354186	Block access to tests and .git via browser	9 years ago
Yannick Warnier	b6be4224a7	Add temporary patch to make certificates media publicly accessible	9 years ago
Yannick Warnier	21e47bca07	Refactoring: move main/newscorm/ to main/lp/ and related folders (except code for migration from 1.9 and 1.10)	9 years ago
Yannick Warnier	ba818ee23e	Refactoring: move main/exercice/ to main/exercise/ and related folders (except code for migration from 1.9 and 1.10)	9 years ago
Yannick Warnier	76bc2407ac	Restore support for link to badges from version 1.10 - refs BT#10651	9 years ago
José Loguercio	d1503a94ec	Added new "All Issued" page for Same skills badges obtained by a user - Ref BT#10651	9 years ago
José Loguercio	b16162f627	Modify .htaccess to redirect Badge Issue - Refs BT#10651	9 years ago
Nicolas Ducoulombier	7eff7b8c25	fix course access with no final '/' in URL -refs CT#7976	10 years ago
Yannick Warnier	6825ffccdd	Update rules for redirection to badge issue page	10 years ago
Yannick Warnier	82f62075f2	Add Friendly URL rule for issued badges - refs CT#7881	10 years ago
Angel Fernando Quiroz Campos	a7f2c5f677	Add RewriteRule to get files in course directories - refs BT#10175	10 years ago
Angel Fernando Quiroz Campos	d44a357ce2	Fix rewrite rule on htaccess for About Session page - refs BT#9889 #TMI	10 years ago
Angel Fernando Quiroz Campos	bd5519006e	Add About Session page - refs BT#9889 #TMI	10 years ago
Julio Montoya	58eb691e2a	Fix course redirection cDir (directory vs code)	10 years ago

1 2

56 Commits (b7ceb1456e349c41f273ff45bcde673a1938b48a)