HTML & templates / Re: The Throwback (retro) template. With large folder and mobile support.
« Last post by danny on July 05, 2025, 05:20:32 PM »
Security enhancements at software.run.place
The Hfs-Patched.zip file contains stable HFS 2.3, which has some of Leo's security patches added, and...
I have removed the ability for it to save the macros-on setting, so it will shut off macros (for security necessity) at every program exit.
A few other settings are likewise shut off (such as system icons for the default template that doesn't work without macros).
The only addition from me is that I have overwritten the large TPL files with Throwback15, because it reprograms the ini file for more robust durability, and then it shuts macros off. This happens at first run, causing HFS to shut off macros immediately at first run of a new install.
To catch the differences, there is an events.hfs file included, which is redundant with HFS2.3n but can send any other version of HFS2x into a sort of honeypot mode, possibly good enough to auto-ban some script-kiddies and bots, but not good enough for a live hacker. Therefore, find TinyWall also listed on the site. TinyWall is a whitelist egress firewall, which allows nothing to use the internet until you specify what is allowed, such as your browser and HFS (you manually specify that); and a whitelist firewall is handy at preventing unwanted remote control.
I recommend: leave macros off, use the web server to broadcast files, but use an encrypting FTP server to manage files.
Management options include Wingftp, HFS3, encrypting FTP server... Having a web server manage files is naturally insecure; so, managing with a modern encrypting FTP server is probably better. Unlike the old type, some modern encrypting FTP servers need only 1 port, which is easier to set up.