From d19288b7c3c8005faf4b6e4aee1a0134ca2b6c65 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Wed, 25 Aug 2021 12:39:07 +0200 Subject: [PATCH] take section on jumploader, minor corrections --- doc/README.Install.md | 42 +++++++++++++++++------------------------- 1 file changed, 17 insertions(+), 25 deletions(-) diff --git a/doc/README.Install.md b/doc/README.Install.md index 05ddf21fc..e18de00b2 100644 --- a/doc/README.Install.md +++ b/doc/README.Install.md @@ -8,13 +8,13 @@ SeedDMS is a web-based application written in PHP. It uses MySQL, sqlite3 or postgresql to manage the documents that were uploaded into the application. Be aware that postgresql is not very well tested. -Make sure you have PHP 7.x and MySQL 5 or higher installed. SeedDMS +Make sure you have PHP >= 7.2 and MySQL 5 or higher installed. SeedDMS will work with PHP running in CGI-mode as well as running as a module under apache. Here is a detailed list of requirements: -1. A web server with at least php 7.0 +1. A web server with at least php 7.2 2. A mysql database, unless you use sqlite 3. The php installation must have support for `pdo_mysql`, `pdo_pgsql` or `pdo_sqlite`, `php_gd2`, `php_mbstring`, `php_xml` @@ -30,23 +30,24 @@ Here is a detailed list of requirements: It is highly recommended to use the quickstart archive (seeddms-quickstart-x.y.z.tar.gz) because it includes all software packages (excluding those listing above in item 1. to 6.) for running SeedDMS. Hence, -you still need a working web server with PHP and a mysql or postgres database -unless you intend to use sqlite. +you still need a working web server with PHP and in addition a mysql or postgres database unless you intend to use sqlite. QUICKSTART =========== The fastes way to get SeedDMS running is by unpacking the archive `seeddms-quickstart-x.y.z.tar.gz` on your webserver. -Let's assume you use seeddms-quickstart-5.1.10.tar.gz. +Let's assume you use seeddms-quickstart-5.1.x.tar.gz. It will create a new directory `seeddms51x` containing everything you -need to run SeedDMS with sqlite3. +need to run SeedDMS with sqlite3. Even if you intend to use mysql in the +long run it is advisable to first set up SeedDMS with sqlite3 and than +just switch the database. Setting up the web server -------------------------- -First you will need to set up your web server. Here, we will only focus -on apache. +First of all you will need to set up your web server. Here, we will only focus +on apache running on Debian/GNU Linux. Either let the document root of your web server point to the directory `www` below `seeddms51x` @@ -95,7 +96,7 @@ http://your-domain/ or http://your-domain/seeddms51x. SECURITY CONSIDERATIONS ======================= -First of all you should always access your SeedDMS installation through +You should always access your SeedDMS installation through a secured https connection, unless you know precisly what are you doing. SeedDMS ships an .htaccess file which already has some common security http headers set. In order for them to apply you need to activate the @@ -110,13 +111,15 @@ Protect directories with data or configuration A crucial point when setting up SeedDMS is the propper placement of the data directory. Do not place it below your document root as -configured in your web server! If you do so, there is good change that -attackers can easily access your documents with a regular browser. -If you can't place the data directory outside of document root, that either +configured in your web server! If you do so, there is a good change that +attackers can easily access your documents with a regular web browser. +If you cannot place the data directory outside of document root, than either restrict access to it with an appropriate .htaccess file or/and change the `contentOffsetDir` in `settings.xml` to something random, but ensure it is still a valid directory name. If you change contentOffsetDir then do not forget to move `data/1048576` to `data/`. +Also turn off directory listings in your apache configuration for the +`data` directory. Example for .htaccess file in data directory ---------------------------------------------- @@ -146,7 +149,8 @@ can be crucial for those configuration options where external commands are being configured, e.g. for the full text engine or creating preview images. As a hoster you may not want this configuration options being set by a SeedDMS administrator. For now you need to make the configuration file `settings.xml` -unwritable for the web server. +unwritable for the web server. In that case the SeedDMS administrator can +still see the configuration but will not be able to change it. Setting a new encryption key ------------------------------ @@ -564,16 +568,4 @@ LICENSING SeedDMS is licensed unter GPLv2 -Jumploader is licensed as stated by the author on th web site - - --- Taken from web site of jumploader --- -You may use this software for free, however, you should not: - -- Decompile binaries. -- Alter or replace class and/or resource files. -- Redistribute this software under different name or authority. - -If you would like a customized version, I can do this for a fee. Don't hesitate to contact me with questions or comments. - Uwe Steinmann