Jump to content
The Uniform Server Community

HTTP_REFERER is not localhost. but ''.


Acoustik
 Share

Recommended Posts

I have seen the other threads on this topic under version 3.2, and the solution was to upgrade to 3.3. Well, I have 3.3 installed on a USB Drive, and have run on 2 seperate machines and get the following error on both. Any ideas?

 

» Security Alert!

Possible Attack

HTTP_REFERER is not localhost. but ''.

 

To disable this warning go: /home/admin/www/cgi-bin/secure.pm

Link to comment
Share on other sites

Thanks for the quick reply.

 

Actually yes, I should have mentioned that. I have commented out all lines in the file per instructions, and restarted the server. No change.

 

Both machines have had MySQL installed at one time as development servers. I uninstalled after setting up UniServer so that my development can be portable. I could swear that MySQL worked on UniServer before uninstalling from one of the PCs. I shut down the db server on the PC and then started from Uniserver. After uninstall on the PC, no luck.

 

Have you tried reading the file? You can disable it there...

2696[/snapback]

Link to comment
Share on other sites

I have seen the other threads on this topic under version 3.2, and the solution was to upgrade to 3.3.  Well, I have 3.3 installed on a USB Drive, and have run on 2 seperate machines and get the following error on both.  Any ideas?

 

» Security Alert!

Possible Attack

HTTP_REFERER is not localhost. but ''.

 

To disable this warning go: /home/admin/www/cgi-bin/secure.pm

2695[/snapback]

 

I have had the same problem, but I figured a way around it. I commented out the security check. I commented out the top line that says

 

require secure;

 

with a #require secure;

 

Then, I just restarted mysql and it worked. Make sure you comment it out on all the files that require a security check, mainly

 

rmysql.cgi

rserver.cgi

dserver.cgi

smysql.cgi

sserver.sgi

 

But this will pose a security risk unless you make sure you only give access to your ip, 127.0.0.1, in the .htaccess file and deny every other ip address.

Link to comment
Share on other sites

Thank you Bleek. Your suggestion did the trick on my home system.

 

Now, I still have to troubleshoot my "locked down" system here at work. Even though the machine shows that I have admin rights, I know that is not fully the case. I will try reinstalling Apache and MySQL as services on the machine, shut down the services, and then retry running from the USB, so as to recreate the working setup prior to uninstallation of services.

 

UPDATE: Not sure exactly why this makes a difference, but after reinstalling Apache as a service on the base PC, additional issues seem to have been resolved.

 

I shut down the Apache instance on the PC, start the Uniserver on the USB and all functions are not working.

 

Thanks all!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...