Hi, I am having trouble running kickstart.php.
I have uploaded kickstart.php into /web directory of my public_html/ directory. But when I attempt to run it by going to www.mydomainexample.com.au/web/kickstart.php I get the following error. I have never received this error before when using kickstart on previous occasions.
Akeeba Kickstart Professional – Insecure setup detected
Akeeba Kickstart has detected that its file name is kickstart.php. Please change the file name to something which does not begin with kickstart and ends with .php. For example, you could rename the file to myexample.php Then you can access this file by replacing kickstart.php with the new name in the address bar of your browser.
Why do you need to do that?
Due to its nature, Akeeba Kickstart will execute commands send to it by any web visitor. There is no way to verify the visitor's identity. Since Akeeba Kickstart Professional allows you to import ZIP archives from arbitrary URLs an attacker can use it to load malware to your site while you are restoring your site. Your only protection is to rename Kickstart's file to prevent the attacker from using Akeeba Kickstart Professional against you.
If you do not need the additional features of Akeeba Kickstart Professional you are strongly advised to use Akeeba Kickstart Core. Since it lacks the ability to import remote files it's safe to use without renaming the file.
So I renamed it getgoing.php from within cpanel filemanager and attempted to run that, but I just got a blank page. If I rename it back to kickstart.php I get the same insecure error. I want to be able to use Amazon S3, so need the pro version.
Is there an error with kickstart or have I done something wrong?
Regards
Nicola
I have uploaded kickstart.php into /web directory of my public_html/ directory. But when I attempt to run it by going to www.mydomainexample.com.au/web/kickstart.php I get the following error. I have never received this error before when using kickstart on previous occasions.
Akeeba Kickstart Professional – Insecure setup detected
Akeeba Kickstart has detected that its file name is kickstart.php. Please change the file name to something which does not begin with kickstart and ends with .php. For example, you could rename the file to myexample.php Then you can access this file by replacing kickstart.php with the new name in the address bar of your browser.
Why do you need to do that?
Due to its nature, Akeeba Kickstart will execute commands send to it by any web visitor. There is no way to verify the visitor's identity. Since Akeeba Kickstart Professional allows you to import ZIP archives from arbitrary URLs an attacker can use it to load malware to your site while you are restoring your site. Your only protection is to rename Kickstart's file to prevent the attacker from using Akeeba Kickstart Professional against you.
If you do not need the additional features of Akeeba Kickstart Professional you are strongly advised to use Akeeba Kickstart Core. Since it lacks the ability to import remote files it's safe to use without renaming the file.
So I renamed it getgoing.php from within cpanel filemanager and attempted to run that, but I just got a blank page. If I rename it back to kickstart.php I get the same insecure error. I want to be able to use Amazon S3, so need the pro version.
Is there an error with kickstart or have I done something wrong?
Regards
Nicola