Hi Matt
We get the same error message as the others:
[ Failed to load HTML file: Please check your server configuration. You may want to whitelist “*.html” files from the “plugins” directory. The HTTP status code is 403 for URL “plugins/ZenMode/angularjs/quick-access/quick-access.html” ]
As well as this error since we upgraded to 2.3 and 2.4 our logo and Favicon does not appear under General Settings and when re-uploaded still do not appear. ?? If displays an empty small tiny image of a ripped bit of paper (see attached image) ? We have tried various types and sizes of images but they just don’t upload. The Feedback Plugin is disabled. The logos also do not appear on the login screen anymore or in upper left corner for menu bar?
The following info is what I can gleem - hope this assists:)
Cheers for asssist.
Gman,
Apache version 2.4.9
PHP version 5.4.29
MySQL version 5.5.36-cll
Architecture x86_64
Operating system linux
Path to sendmail /usr/sbin/sendmail
Path to Perl /usr/bin/perl
Perl version 5.8.8
Kernel version 2.6.32-531.11.2.lve1.2.55.el6.x86_64
cPanel Pro 1.0 (RC1)
Security Testing of Piwik reports:
Application
Test Result
PHP You are running PHP 5.4.29. The latest version of PHP is 5.5.13.
Piwik You are running Piwik 2.4.0-b3 (the latest version).
CGI
Test Result
force_redirect force_redirect is enabled, which is the recommended setting
Core
Test Result
allow_url_fopen You are running PHP 5.2 or greater, which makes allow_url_fopen significantly safer. Make sure allow_url_include is disabled, though
allow_url_include allow_url_include is disabled, which is the recommended setting
display_errors display_errors is disabled, which is the recommended setting
expose_php expose_php is enabled. This adds the PHP “signature” to the web server header, including the PHP version number. This could attract attackers looking for vulnerable versions of PHP
file_uploads file_uploads are enabled. If you do not require file upload capability, consider disabling them.
group_id PHP is executing as what is probably a non-privileged group
magic_quotes_gpc magic_quotes_gpc is disabled, which is the recommended setting
open_basedir open_basedir is enabled, which is the recommended setting. Keep in mind that other web applications not written in PHP will not be restricted by this setting.
register_globals register_globals is disabled, which is the recommended setting
upload_tmp_dir upload_tmp_dir is disabled, or is set to a common world-writable directory. This typically allows other users on this server to access temporary copies of files uploaded via your PHP scripts. You should set upload_tmp_dir to a non-world-readable directory
user_id PHP is executing as what is probably a non-privileged user
Curl
Test Result
file_support You are running PHP 4.4.4 or higher, or PHP 5.1.6 or higher. These versions fix the security hole present in the cURL functions that allow it to bypass safe_mode and open_basedir restrictions.
Session
Test Result
save_path save_path is disabled, or is set to a common world-writable directory. This typically allows other users on this server to access session files. You should set save_path to a non-world-readable directory
use_trans_sid use_trans_sid is disabled, which is the recommended setting