Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Yii 2.0 enabling remote access to gii

Tags:

yii2

Simple question, trying to enable remote access to gii in yii 2 - docs say http://www.yiiframework.com/doc-2.0/guide-start-gii.html

Note: If you are accessing Gii from a machine other than localhost, the access will be denied by default for security purpose. You can configure Gii to add the allowed IP addresses as follows,

'gii' => [
    'class' => 'yii\gii\Module',
    'allowedIPs' => ['127.0.0.1', '::1', '192.168.0.*', '192.168.178.20'] // adjust this to your needs
],

Thing is, it doesn't say where to add this - guesing config/web.php

But under what section?

like image 490
Adrian Cornish Avatar asked Dec 05 '14 00:12

Adrian Cornish

People also ask

How to use Gii in yii2 basic?

Open up this url: http://localhost:8080/index.php?r=gii. Then, click the “Start” button under the “Model generator” header. Fill in the Table Name (“user”) and the Model Class (“MyUser”), click the “Preview” button and finally, click the “Generate” button.

What to do about the yii2 GII remote code vulnerability?

Since the vulnerability still exists, those who use the Yii2 Gii Remote Code module need to check the following: Make sure that access to the developer’s platform is closed: There should be no alpha/beta or other versions, and the development environment should not be open to external access.

How can we use yii2 for access control?

We can use Yii2's simple access control features to ensure that users register and sign in before adding and viewing status posts. Yii2 also offers more advanced (and complex) Role Based Access Control (RBAC) which we will not be implementing at this time.

What is the use of the Yii GII module?

GII is a YII module that generates code for CRUD operations. In YII 2 Framework, GII is accessible by the localhost by default, and the module is accessed in the browser. Xampp installed in your machine. If not, follow these steps to install it. This will come along with PhpMyAdmin which we will use to manage our database record.

How to get started with yii2 model generator?

Let’s get started. Yii2 Framework 2.0.35 You can find Gii at the addresses like: To successfully exploit the vulnerability, go to the Model Generator section. The application must have a database configured, otherwise the model cannot be generated. Also, you must specify the existing table name in the Table Name field.

1 Answers

2 places you need to add this.

Usually it is done like this in your main-local.php

if (!YII_ENV_TEST) {
    $config['bootstrap'][] = 'gii';
    $config['modules']['gii'] = [
        'class' => 'yii\gii\Module',
    ];   
}

So you need to add gii in the bootstrap section of the config and in the modules section. This will turn basically append them to the array from your config/main.php return [ 'id' => 'app-backend', 'basePath' => dirname(DIR), 'controllerNamespace' => 'backend\controllers', 'bootstrap' => ['log'], 'modules' => [ ], ],

On the link you gave, take a look above. You should do:

if (YII_ENV_DEV) {
    $config['bootstrap'][] = 'gii';
    $config['modules']['gii'] = [
    'class' => 'yii\gii\Module',
    'allowedIPs' => ['127.0.0.1', '::1', '192.168.0.*', '192.168.178.20'] // adjust this to your needs
];
}
like image 57
Mihai P. Avatar answered Sep 24 '22 03:09

Mihai P.
Sign in to Comment

Related questions

Use yii2 for production
Yii2: How to make validation rule message not to be encoded?
Yii Framework 2.0 Role Based Access Control RBAC

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!