sifu

Thanks for the fast reply Alex It works now - it seems I had to trust the site certificate even though it was invalid. Perhaps what you did sorted that out? Regards

Hi TCH I am setting up the mail for a new site and have setup the account in CPanel ok. I am having trouble getting Apple Mail to connect via IMAP. The identity of “boblo.tchmachines.com” cannot be verified. An SSL error has occurred and a secure connection to the server cannot be made. Initially I used the configuration script to setup my account, and got the error above so deleted the account and set it up manually, and get the same error. Using Port 993. Any suggestions?

David Thank you for taking the time to post a very detailed response to my query. I understand the issues a little more clearly now, and will remember to be nervous whenever a package wants 777. I have installed the Attachment Mod on my board, similar to the one here on the TCH forums. I have restricted the allowed extensions via the board admin settings to images and zips. I have disallowed all other extensions and some extensions, such as php scripts, are disallowed from within the script. I do not have any FTP accounts. In your opinion does this provide an acceptable level of security or are there some more measures I can take ? Could people still access the attachments directory directly, outside of the board ? The directory does contain an index.php which has been written so at deny access to the directory from a browser. Regards

Like Sebastian, I am also interested in learning more about the dangers of 777. A very interesting topic that I am quite concerned about. From my limited experience, I have seen that many common php applications require that some directories be made 777 to allow for a level of interactivity with site users. The ones that immediately come to mind that I have used are: PHP Nuke Gallery Coppermine Various chat modules phpbb attachment mod. I have read on the web that some webmasters will not under any circumstances 777 a directory. But, if we need to do it to make a program workl, what can we do to limit the exposure? Or, in other words, what methods do people employ to upload things into those directories that we don't want them to, such as nasty scripts? I am asking from the point of view of how do I stop it ? Appreciate any advice here.

Thanks David for clearing that up. I will now explore this auto backup script as it seems like a very good idea to me. Whilst we are on the subject of cron, is it possible to run a home dir backup via cron ?

Thanks David Now I am confused! I used to run a CRON for MSAnalysis under PHPNuke, for over a year, but it got disabled earlier this year. TCH's response was as follows. 31 July 2005 Hello, Commands like GET, wget, lynx have been disabled on our servers for security reason. We can not enable it. Please try using curl. Let us know if you need any other clarification. Thanks for choosing TotalChoice Hosting Sincerely, Kris B Technical Support To run php via cron, you need to use GET ? Perhaps I am missing something.

An auto-backup script system like this is one of those things I was GOING TO DO, but never got around to it, so I only have a handful of backups done manually whenever I remembered to do it (I am sure I am the ONLY one in the world who has been in this situation - joking, of course ) My site has now been hacked for the second time (the world is full of nice people). So, before I rebuild, I think my lesson is learnt and I better setup something like this auto backup script. Anyway, my question, scripts like this one require CRON. I understand that earlier this year TCH stopped allowing CRON jobs, so therefore I don't think the automatic features and email features of this script will work. (?) What can we use instead of CRON ? On the business side: I am taking this auto backup matter quite seriously, and Bill, if you are reading this, I would be prepared to pay for a service such as a script like this would provide: - Daily backups - Emailed backups This sort of service could be an add-on and a differentiator for TCH. If you had enough members interested, it could allow you to keep the costs down - couple of dollars a month ?

Wondering if anyone has Gallery installed and is able to upload BMP's. I have installed latest version 1.4.1 and am using ImageMagick pre-installed by TCH. I receive "Error: Invalid Image!" Both Gallery and ImageMagick offer support for BMPs, apparently, but I can't get it working. Have posted a similar request in Gallery forums but no luck so far. I know most people use Gallery for jpg's, but I have a specific need to upload small bmps. If you have Gallery installed can you try and see if you can upload BMP's ?

thanks for the response. Guess I'll go the monthly option then ! Regards

I am going through the signup process and wanted to choose the simple resellers plan, but pay yearly. This does not seem to be an option. Any reason ?

Andy Thanks for the prompt response ! Seems like you have a few service staff in different countries. Does this mean with the timezone differences that there is always staff here ? I'm impressed. I am going to join this company... Before I do I am getting my domain registrar details together so I can redirect my nameservers when the time comes. I would be interested in other family members thoughts on my PHPNuke server time issue. This is actually a difficult issue in the nuke community right now, so that's why I asked if there was something that could be done at server-level. That's it from me for now. Thanks again.

Hi I am thinking of switching over to one of your reseller plans - not because I want to become a webhoster - but just because i have 5 domains which I want to manage separately. Your packages look really good and it appears from this forum that you believe in service, now that is nice ! 1. Server Time I run PHPNuke, in various flavours from 6.5 to 6.9 as well as OSC2Nuke and one thing that bugs me is that Nuke relies heavily on the server time. Nuke itself can't deal with time offsets. eg: Your servers are in US, but I am not. I want my sites to show the time where I am, not where your servers are. This affects news posts, shoutblocks, blogs and forums. Can I control the time which applies to my sites ??? 2. Credit Card Processing Do you provide this service, or do you have a partner firm ? Can you recommend someone. 3. CPanel Transfers You mentioned you can do this. Could you do this with 4 existing websites? 4. SSL Does the reseller plans include free shared SSL ? It doesn't appear in the list of features, but it does for the standard plans. Sorry for so many questions...what I have seen so far impresses me. Thumbs Up If you say yes, I think I am sold !