Textpattern CMS demo site

gaekwad · 2014-07-17 14:28:35

etc wrote #282229:

Without any protection, a plugin could empty, or maybe even drop a txp table. That’s enough to crash the site.

True. I’m still weighing up the risk/benefit for having plugin upload enabled. Potentially, the site(s) could be down/broken for 3 hours, then be restored and come back to life. Is that too much of a risk? The 3 hour window is trivial to change, of course – and perhaps a ‘report broken site’ link might be in order to have it restored ahead of time …which raises the question of getting around that and just shortening the rebuild interval to 1 or 2 hours.

etc · 2014-07-17 14:40:14

gaekwad wrote #282231:

Potentially, the site(s) could be down/broken for 3 hours, then be restored and come back to life. Is that too much of a risk?

I’d say — wait and see — but plugins open the gate to php scripting, and who knows how much harm can be done to the server in 3 hours?

Bloke · 2014-07-17 14:57:01

etc wrote #282232:

plugins open the gate to php scripting

True, but inside an Article or Page or Form:

<txp:php>
safe_query('drop txp_users;');
</txp:php>

and boom, everyone’s gone. You can’t get round that unless you disable PHP in pages and articles and then remove access to Admin->Preferences so it can’t be changed. It’s beginning to sound like less of a demo and more of a ‘look at the interface… you just can’t do anything’ :-p

So, either:

allow plugins and PHP, or
block both and remove Prefs access

Like Pete says, a sandbox environment with no external access that rebuilds The Matrix every few hours. Where’s the incentive to do harm? And a report link is a great idea to initiate a premature rebuild… once the timer is in place since it’ll get out of sync with the schedule.

EDIT: Although not the strictest use of it as a demo site, one argument I can think of for keeping plugins is so users who want to upgrade to the latest version, but haven’t for fear of plugin incompatibility, can install legacy plugins and try them out to see if they run OK (or try new versions to check they still fulfil their needs). Same goes for the dev platform: a handy testbed to see what might break with existing plugins, which might also be used as a feedback loop to us so we can address potential problems earlier.

etc · 2014-07-17 15:29:45

Bloke wrote #282233:

True, but inside an Article or Page or Form: <txp:php>... and boom, everyone’s gone. … Like Pete says, a sandbox environment with no external access that rebuilds The Matrix every few hours. Where’s the incentive to do harm?

Wish Jukka were here :) Not sure, but 3-hours spamming could be enough to get blacklisted. Bad stuff uploading/distribution is probably possible too. I would totally disarm php() function (in the demo core) and disable plugin install. Or install a collection of “official” ones, maybe creating permanent accounts for authors. But let’s wait and see.

gaekwad · 2014-07-17 15:31:09

etc wrote #282234:

Not sure, but 3-hours spamming could be enough to get blacklisted.

Oh, I’m certain 3 hours is more than enough to get blacklisted – but there’s no MTA installed. Email is disabled.

gaekwad · 2014-07-17 15:38:28

Bloke wrote #282233:

And a report link is a great idea to initiate a premature rebuild… once the timer is in place since it’ll get out of sync with the schedule.

Link added. Countdown timer to follow.

etc · 2014-07-17 15:42:00

gaekwad wrote #282236:

Oh, I’m certain 3 hours is more than enough to get blacklisted – but there’s no MTA installed. Email is disabled.

One can post spam to websites.

gaekwad · 2014-07-17 15:43:43

etc wrote #282238:

One can post spam to websites.

Please excuse my ignorance, Oleg – you mean comment spam on other website articles with a URL link to the demo site?

etc · 2014-07-17 15:50:50

gaekwad wrote #282239:

you mean comment spam on other website articles with a URL link to the demo site?

Pete, I mean posting comment spam to external websites from your demo site, file_get_contents function does it quite easily. Or even conduct a DoS attack. Or I’m paranoiac :)

gaekwad · 2014-07-17 15:51:53

etc wrote #282241:

Pete, I mean posting comment spam to external websites from your demo site, file_get_contents function does it quite easily. Or even conduct a DoS attack. Or I’m paranoiac :)

Ah, OK – thanks for the clarification. A firewall preventing all external connections would mitigate that, right?

etc · 2014-07-17 16:03:16

gaekwad wrote #282242:

A firewall preventing all external connections would mitigate that, right?

Quite possible, I’m network dilettante. An expert advice is welcome.

gaekwad · 2014-07-17 16:09:51

etc wrote #282243:

Quite possible, I’m network dilettante. An expert advice is welcome.

+1. Your input is very valuable, so thank you for sharing your concerns.

I have firewalled the server. Incoming connections outside of port 80 and the (non-standard) ssh port are blocked. All outgoing connections outside of Subversion are blocked.

Last edited by gaekwad (2014-07-18 09:17:56)

Textpattern CMS

Textpattern CMS support forum

#13 2014-07-17 14:28:35

Re: Textpattern CMS demo site

etc wrote #282229:

#14 2014-07-17 14:40:14

Re: Textpattern CMS demo site

gaekwad wrote #282231:

#15 2014-07-17 14:57:01

Re: Textpattern CMS demo site

etc wrote #282232:

#16 2014-07-17 15:29:45

Re: Textpattern CMS demo site

Bloke wrote #282233:

#17 2014-07-17 15:31:09

Re: Textpattern CMS demo site

etc wrote #282234:

#18 2014-07-17 15:38:28

Re: Textpattern CMS demo site

Bloke wrote #282233:

#19 2014-07-17 15:42:00

Re: Textpattern CMS demo site

gaekwad wrote #282236:

#20 2014-07-17 15:43:43

Re: Textpattern CMS demo site

etc wrote #282238:

#21 2014-07-17 15:50:50

Re: Textpattern CMS demo site

gaekwad wrote #282239:

#22 2014-07-17 15:51:53

Re: Textpattern CMS demo site

etc wrote #282241:

#23 2014-07-17 16:03:16

Re: Textpattern CMS demo site

gaekwad wrote #282242:

#24 2014-07-17 16:09:51

Re: Textpattern CMS demo site

etc wrote #282243:

Board footer