@Tom that should do it. Don't forget your trailing slash!
Ok, our hoster this morning recommended the .htaccess option. They indicated that making an extra folder, outside httpdocs would require "open base_dir", which then offsets the intended security, leaving not much gain.
If that is really the case, then the egg install could have done it in the first place, saving a lot of first-timers some trouble installing...
Openbase_dir is a supplemental security system to PHP implemented via an Apache mod that restricts the directories in which PHP is able to access files. It is meant to increase security and is actually not required to allow PHP to access files outside of a document root.
There may be some confusion between what I'm saying, what you're saying to them, and what you're saying they're saying, but at this point, were I you, I'd consider moving away from this host. The allure of low-cost shared hosting is appealing, but you run into problems exactly like this where the host gives half-truths and has confusing, non-standard server setups. The good news is that VPSs are very cheap...
David,
I'm on a Media Temple DV account and keep getting the data folder not writable error. Did you do anything specific that may fix that?
Thanks.
Greetz, So has anyone got elgg running on (GS) account?
es I finally made it! on (gs) Mediatemple, this is how:
1. upload folder of elgg and create a DB in MYQL 5. Mediatemple has active Apache CGI and Mod rewrites so is ready for Elgg!!
2. Do not go to browser yet.
3. Go to . htaccess inside elg folder and delete all replace for this code: ( notice that all info about php 4 is deleted!. The error was that even you have on your admin account to update to php 5, this scripts detects php 4 and get an error )
# Elgg htaccess directives # Copyright Curverider Ltd 2008-2009 # License http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2 # Link http://elgg.org/ <IfModule !mod_rewrite.c> # ugly ugly hack to detect missing mod_rewrite # RedirectMatch must be to an absolute destination, so forces 500 error... ErrorDocument 500 "Elgg error: Apache does not have mod_rewrite loaded. Please check your Apache setup." RedirectMatch 302 .* index.php </IfModule> <Files "htaccess_dist"> order allow,deny deny from all </Files> # Don't listing directory Options -Indexes # Follow symbolic links Options +FollowSymLinks # Default handler DirectoryIndex index.php # Turn on expiry <IfModule mod_expires.c> ExpiresActive On ExpiresDefault "access plus 10 years" # php 5, apache 1 and 2 <IfModule mod_php5.c> # default memory limit to 64Mb php_value memory_limit 64M # to make sure register global is off php_value register_globals 0 # max post size to 8Mb php_value post_max_size 8388608 # upload size limit to 5Mb php_value upload_max_filesize 5242880 # hide errors, enable only if debug enabled php_value display_errors 0 </IfModule> # Turn on mod_gzip if available <IfModule mod_gzip.c> mod_gzip_on yes mod_gzip_dechunk yes mod_gzip_keep_workfiles No mod_gzip_minimum_file_size 1000 mod_gzip_maximum_file_size 1000000 mod_gzip_maximum_inmem_size 1000000 mod_gzip_item_include mime ^text/.* mod_gzip_item_include mime ^application/javascript$ mod_gzip_item_include mime ^application/x-javascript$ # Exclude old browsers and images since IE has trouble with this mod_gzip_item_exclude reqheader "User-Agent: .*Mozilla/4\..*\[" mod_gzip_item_exclude mime ^image/.* </IfModule> ## Apache2 deflate support if available ## ## Important note: mod_headers is required for correct functioning across proxies. ## <IfModule mod_deflate.c> AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/x-javascript BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4\.[0678] no-gzip BrowserMatch \bMSIE !no-gzip <IfModule mod_headers.c> Header append Vary User-Agent env=!dont-vary </IfModule> # The following is to disable compression for actions. The reason being is that these # may offer direct downloads which (since the initial request comes in as text/html and headers # get changed in the script) get double compressed and become unusable when downloaded by IE. SetEnvIfNoCase Request_URI action\/* no-gzip dont-vary SetEnvIfNoCase Request_URI actions\/* no-gzip dont-vary </IfModule> # Configure ETags <FilesMatch "\.(jpg|jpeg|gif|png|mp3|flv|mov|avi|3pg|html|htm|swf)$"> FileETag MTime Size </FilesMatch> <IfModule mod_rewrite.c> RewriteEngine on # If Elgg is in a subdirectory on your site, you might need to add a RewriteBase line # containing the path from your site root to elgg's root. e.g. If your site is # http://example.com/ and Elgg is in http://example.com/sites/elgg/, you might need # #RewriteBase /sites/elgg/ # # here, only without the # in front. # # If you're not running Elgg in a subdirectory on your site, but still getting lots # of 404 errors beyond the front page, you could instead try: # #RewriteBase / RewriteRule ^action\/([A-Za-z0-9\_\-\/]+)$ engine/handlers/action_handler.php?action=$1 RewriteRule ^services\/api\/([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/service_handler.php?handler=$1&request=$2 RewriteRule ^export\/([A-Za-z]+)\/([0-9]+)$ services/export/handler.php?view=$1&guid=$2 RewriteRule ^export\/([A-Za-z]+)\/([0-9]+)\/$ services/export/handler.php?view=$1&guid=$2 RewriteRule ^export\/([A-Za-z]+)\/([0-9]+)\/([A-Za-z]+)\/([A-Za-z0-9\_]+)\/$ services/export/handler.php?view=$1&guid=$2&type=$3&idname=$4 RewriteRule ^\_css\/css\.css$ _css/css.php RewriteRule ^pg\/([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/pagehandler.php?handler=$1&page=$2 RewriteRule ^pg\/([A-Za-z0-9\_\-]+)$ engine/handlers/pagehandler.php?handler=$1 RewriteRule xml-rpc.php engine/handlers/xml-rpc_handler.php RewriteRule mt/mt-xmlrpc.cgi engine/handlers/xml-rpc_handler.php RewriteRule ^tag/(.+)/?$ engine/handlers/pagehandler.php?handler=search&page=$1 </IfModule>
@Tom that should do it. Don't forget your trailing slash!
Ok, our hoster this morning recommended the .htaccess option. They indicated that making an extra folder, outside httpdocs would require "open base_dir", which then offsets the intended security, leaving not much gain.
If that is really the case, then the egg install could have done it in the first place, saving a lot of first-timers some trouble installing...
Openbase_dir is a supplemental security system to PHP implemented via an Apache mod that restricts the directories in which PHP is able to access files. It is meant to increase security and is actually not required to allow PHP to access files outside of a document root.
There may be some confusion between what I'm saying, what you're saying to them, and what you're saying they're saying, but at this point, were I you, I'd consider moving away from this host. The allure of low-cost shared hosting is appealing, but you run into problems exactly like this where the host gives half-truths and has confusing, non-standard server setups. The good news is that VPSs are very cheap...
@Tom that should do it. Don't forget your trailing slash!
Ok, our hoster this morning recommended the .htaccess option. They indicated that making an extra folder, outside httpdocs would require "open base_dir", which then offsets the intended security, leaving not much gain.
If that is really the case, then the egg install could have done it in the first place, saving a lot of first-timers some trouble installing...
Openbase_dir is a supplemental security system to PHP implemented via an Apache mod that restricts the directories in which PHP is able to access files. It is meant to increase security and is actually not required to allow PHP to access files outside of a document root.
There may be some confusion between what I'm saying, what you're saying to them, and what you're saying they're saying, but at this point, were I you, I'd consider moving away from this host. The allure of low-cost shared hosting is appealing, but you run into problems exactly like this where the host gives half-truths and has confusing, non-standard server setups. The good news is that VPSs are very cheap...
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.