Hello,
I have a client that is having difficulties using GridBox by Balbooa.com to develop her site. Even though she logs into the backend for website development it looks like this particular software is a website builder where the process of creating and editing happens behind the scenes using frontend access.
I normally do not configure clients to have SuperAdmin access or frontend SuperAmin privileges but Gridbox seems to require SuperAdmin privileges and that I have the "Forbid frontend Super Administrator login" option disabled for it to display editing options properly. Unfortunately even with this option disabled she is getting locked out as soon as she attempts to edit anything with the following DFIShield triggers.
=================================
DFIShield https://---her_domain---.com/index.php?option=com_gridbox&layout=uploader&task=uploader.showImage&image=/home/heruser/public_html/images/10_year_window.jpg
DFIShield https://---her_domain---.com/index.php?option=com_gridbox&layout=uploader&task=uploader.showImage&image=/home/heruser/public_html/images/FollowFB.png
DFIShield https://---her_domain---.com/index.php?option=com_gridbox&layout=uploader&task=uploader.showImage&image=/home/heruser/public_html/images/PicMonkey%20Collage12.jpg
DFIShield https://---her_domain---.com/index.php?option=com_gridbox&layout=uploader&task=uploader.showImage&image=/home/heruser/public_html/images/baby-bullet.jpg
DFIShield https://---her_domain---.com/index.php?option=com_gridbox&layout=uploader&task=uploader.showImage&image=/home/heruser/public_html/images/bts1.jpg
DFIShield https://---her_domain---.com/index.php?option=com_gridbox&layout=uploader&task=uploader.showImage&image=/home/heruser/public_html/images/KU_flipf_toering.jpg
=================================
Should I disable the "Direct File Inclusion shield (DFIShield)" option? Can you suggest any configurations that may work with Gridbox without punching too many holes and creating a security nightmare?
What are your thoughts/suggestions?
Thanks,
Brian
I have a client that is having difficulties using GridBox by Balbooa.com to develop her site. Even though she logs into the backend for website development it looks like this particular software is a website builder where the process of creating and editing happens behind the scenes using frontend access.
I normally do not configure clients to have SuperAdmin access or frontend SuperAmin privileges but Gridbox seems to require SuperAdmin privileges and that I have the "Forbid frontend Super Administrator login" option disabled for it to display editing options properly. Unfortunately even with this option disabled she is getting locked out as soon as she attempts to edit anything with the following DFIShield triggers.
=================================
DFIShield https://---her_domain---.com/index.php?option=com_gridbox&layout=uploader&task=uploader.showImage&image=/home/heruser/public_html/images/10_year_window.jpg
DFIShield https://---her_domain---.com/index.php?option=com_gridbox&layout=uploader&task=uploader.showImage&image=/home/heruser/public_html/images/FollowFB.png
DFIShield https://---her_domain---.com/index.php?option=com_gridbox&layout=uploader&task=uploader.showImage&image=/home/heruser/public_html/images/PicMonkey%20Collage12.jpg
DFIShield https://---her_domain---.com/index.php?option=com_gridbox&layout=uploader&task=uploader.showImage&image=/home/heruser/public_html/images/baby-bullet.jpg
DFIShield https://---her_domain---.com/index.php?option=com_gridbox&layout=uploader&task=uploader.showImage&image=/home/heruser/public_html/images/bts1.jpg
DFIShield https://---her_domain---.com/index.php?option=com_gridbox&layout=uploader&task=uploader.showImage&image=/home/heruser/public_html/images/KU_flipf_toering.jpg
=================================
Should I disable the "Direct File Inclusion shield (DFIShield)" option? Can you suggest any configurations that may work with Gridbox without punching too many holes and creating a security nightmare?
What are your thoughts/suggestions?
Thanks,
Brian
