Feature #17382
closed
Delete button in yellow warning box
Added by Lars Houmark over 17 years ago.
Updated over 14 years ago.
Description
There should be a delete button/link in the yellow warning box when the warning about the ENABLE_INSTALL_TOOL file is present. This gives the user a much easier way of making the installation "secure" again.
(issue imported from #M5788)
Files
IMHO it would be better if the file could contain data for an IP check.
AFAIR it's not possible to chek in typo3/install/index.php, but there's plenty of room in typo3/init.php for such a check.
So I think a "restrict to IP" button (defaulting to the sessions IP number) is a better approach.
I've heard about wireless people roaming around a building that get new IP's assigned while surfing. May also happen if one wireless station becomes less powerfull than another all of a sudden and the machine decides to reconnect.
So, I don't know about IP, but some hash value in a session cookie would do.
You can allow one or more addresses and address ranges. I'm not suggesting to check if the address changes in the session, but to recheck every time if it allowed. That's what is done for the normal IP check for the BE.
I don't think we need a IP check for it. Every admin should have the possibility to delete it (well, an admin has all rights). And it's not that if you delete it, it's the end of the world since most admins have file system access where they can create the file again. just my two cents.
So, I'd keep it easy and simple.
You don't have file access check everywhere (shared hosts), but you can circumvent the problem with some extensions :-)
Is already in the latest version, so this bug can be set to resolved.
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by