X-Git-Url: https://git.p6c8.net/jirafeau_mojo42.git/blobdiff_plain/261af8ac3be2c4d9fbdae0f25c036440833d746c..4e94acfa77564a30dfda5a2fb57f978446265e6c:/README.md?ds=sidebyside diff --git a/README.md b/README.md index 38f882c..f4c1ef4 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ A demonstration of the latest version is available on [jirafeau.net](http://jira - Optional Password protection (for uploading or downloading) - Time limitation - Option to self-destruct after reading -- Simple language support :gb: :fr: :de: :it: :nl: :ro: :sk: +- Simple language support :gb: :fr: :de: :it: :nl: :ro: :sk: :hu: - Small administration interface - File level [Deduplication](http://en.wikipedia.org/wiki/Data_deduplication) for storage optimization - A basic Terms Of Service which can be adapted to your needs @@ -52,6 +52,10 @@ Here are some screenshots: - Get your web browser and go to you install location (e.g. ```http://your-web-site.org/jirafeau/```) and follow instructions - Some options are not configured from the minimal installation wizard, you may take a look at option documentation in ```lib/config.original.php``` and customize your ```lib/config.local.php``` +Note that ```lib/config.local.php``` is auto-generated during the installation. + +If you don't want to go through the installation wizard, you can just copy ```config.original.php``` to ```config.local.php``` and customize it. + # Security ```var``` directory contain all files and links. It is randomly named to limit access but you may add better protection to prevent un-authorized access to it. @@ -65,7 +69,6 @@ If you are using Apache, you can add the following lineto your configuration to ```RedirectMatch 301 ^/var-.* http://my.service.jirafeau ``` You should also remove un-necessessary write access once the installation is done (ex: configuration file). - An other obvious basic security is to let access users to the site by HTTPS. # Few notes about server side encryption @@ -79,8 +82,8 @@ By activating this feature, you have to be aware of few things: - During the download, the server will decrypt on the fly (and use resource). - This feature needs to have the mcrypt php module. - File de-duplication will stop to work (as we can't compare two encrypted files). -- Be sure you server do not log client's requests. -- Don't forget to activate https. +- Be sure your server do not log client's requests. +- Don't forget to enable https. In a next step, encryption will be made by the client (in javascript), see issue #10. @@ -189,4 +192,4 @@ So: ### How to contact someone from Jirafeau ? -Feel free to create an issue if you found a bug, else you can send an email at j.jutteau A.T gmail .DOT. com +Feel free to create an issue if you found a bug. \ No newline at end of file