Blog

/

Instructions

/

Settings and security tuning

Settings and security tuning

Settings and security tuning
  • Before you start installing Open Real Estate CMS, it's strongly recommended to change the default value of the variable, responsible for users' passwords generating.
    This step is necessary to protect the passwords in case the script is hacked/exploited.

    Before the installation go to file protected\models\User.php and change there the value of variable private static $_saltAddon from default to one of your own. For example: 'abcdef1234'.
    The line with the new value will look like:

    private static $_saltAddon = 'abcdef1234';

    After these changes are applied, admin password recovery won't work as described here: https://monoray.net/forum/viewtopic.php?f=8&p=2571#p2571
    That's why after the installation save values of the fields "password" and "salt" in the table {prefix}users for the role "admin". This can be done in phpmyadmin / adminer.
    We also recommend to enable automatical backup for the entire site (files and database) or to carry out this procedure manually 2 times a month.

  • After the software is installed we also advise to change default cache folder.

    To do it, add a directory in the site root (in the same place where file index.php and folder 'protected' are located). Try to give a unique name to this directory, using latin alphabet. For example: "rtm_cahe"
    Copy all files and folders from the directory protected/runtime into the new directory "rtm_cahe", keeping the hierarchy (folders: cache, HTML, minScript, URI. File: already_install).
    Make the directory and all nested directories writable (set 0777 rights).

    Then in the file protected\config\main.php after the line:

    'basePath'=>dirname(__FILE__).DIRECTORY_SEPARATOR.'..',
    insert the line:
    'runtimePath' => Yii::getPathOfAlias('system') . '/../rtm_cahe/',

  • We also recommend to set your own domain-based value for key 'name' in file protected\config\main.php. By default in free version of the script the key value is 'Open Real Estate'.

    Let's say site domain name is http://example.com. In this case the value can be set to 'examplecom'. To do it, after the line:

    'basePath'=>dirname(__FILE__).DIRECTORY_SEPARATOR.'..',
    insert line:
    'name'=>'examplecom',

  • After step 3 is completed, insert new key 'id' below key 'name'. New key value is equal to key 'name':

    'id'=>'examplecom',

    You are supposed to get the following sequence:

    ...
    'name'=>'examplecom',
    'id'=>'examplecom',
    ...

Note: you perform all the actions described above at your own account. If your knowledge and skills level is not high enough, you'd better go without these extra modifications in the code of CMS.

Learn more about: