Installing and upgrading
- Installation overview
- General installation requirements
- Installing on Ubuntu Linux
- Installing on Windows Server
- Installing on macOS
- Installing on CentOS Linux
- Installing via Docker
- Installing on SuSE
- Configuring php.ini
- Configuring Apache
- Configuring the database
- Upgrading
- LibreOffice integration for Microsoft Office previews
- OpenCV (facial recognition) - deprecated
- Upgrading PHP versions
- Setting up scheduled tasks/cron
Backups
Security
User management
Advanced user group options
Customising ResourceSpace
Plugins
StaticSync
Configuring ResourceSpace
- The config file
- Offline job queues
- File integrity checking
- ResourceSpace file storage (filestore)
- Checksums
- Edit access for contributors
- Configuring Leaflet Maps
- Automatic alternative video files
- Signing all database PHP code
- Integrating with Uppy Companion
- The System Configuration page
- Configuring image alternatives
- Minimal preview creation
- Mounting Amazon S3 for external storage
Integrations
Signing all database PHP code
For security purposes any PHP code that is stored in the database and can be manipulated via the user interface must be signed using a command line utility. This is to prevent system compromise by a user that has gained administrator access.
Signing is done by executing the following:
php {path to resourcespace}/pages/tools/resign_all_code.php
This script cannot be run from a web browser, it must be executed via the command line directly on the server itself.
This will need to be executed after changes to the following properties:
- Resource type field - "Value filter"
- Resource type field - "On change macro"
- Resource type field - "Autocomplete macro"
- Resource type field - "Exiftool filter"
- Resource type - "Config options"
- User group - "Config options"
The signing process involves adding a comment to the top of the custom PHP code with the text "SIG" and a unique hash. For example:
//SIGe6e905b75d9f4a98950d62905704b5c185cd2f7f928b975745ccf92d1baf897c