[Solved]: Broken Images [Solved]: Broken Images
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

[Solved]: Broken Images

Started by Ami Yuy, November 18, 2009, 01:20:22 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Ami Yuy

I've tried searching, but to be honest I haven't touched my gallery for a couple of years so I'm really rusty on all of this (and even then I only had a basic grasp).

Gallery: http://www.amiyuy.com/photography/gallery/index.php

The gallery was working fine not too long ago and a second gallery I have on the server is working perfectly fine (no link because it's not for public viewing).

I think I have Coppermine version 1.4.4 as according to the Admin Config page.

I have tried Rebuilding the thumbnails in the Admin Tools as recommended by one thread, but no change.  The images are still in the same place on the server and work fine when I download them.  However, directly opening their links in the web browser does not.

http://www.amiyuy.com/photography/gallery/albums/uploads/animela06/Friday/thumb_amiyuy-DSCN4102.jpg
http://www.amiyuy.com/photography/gallery/albums/uploads/animela06/Friday/amiyuy-DSCN4102.jpg

Help?

Nibbler


Ami Yuy

Quote from: Nibbler on November 18, 2009, 05:29:15 PM
See http://forum.coppermine-gallery.net/index.php/topic,51927.0.html

Keep your gallery up to date in the future.
Thank you for the link, and I will try updating, but what about broken images with nothing else wrong says that I've been hacked?

Also, the version numbers are very confusing, I assumed 1.4.4 was like 1.4.40 not 1.4.04.

phill104

You will just have to do everything outlined in the Yikes thread Nibbler linked to. Simply upgrading is not enough in your case as you have been hacked. You need to sanitise your site as suggested.
It is a mistake to think you can solve any major problems just with potatoes.

Ami Yuy

Quote from: Phill Luckhurst on November 18, 2009, 11:45:59 PM
You will just have to do everything outlined in the Yikes thread Nibbler linked to. Simply upgrading is not enough in your case as you have been hacked. You need to sanitise your site as suggested.
Okay, I'm still confused as to how you know I've been hacked.  I'm not asking to be annoying, but rather so I can know for the future how to recognize it, as simply broken pictures aren't communicating that to me.

Ami Yuy

There's also probably no way to recover my previous view counts* if I accidentally reset them in Admin Tools is there?  I had over 86,000 views before.  :/

*It was selected as the default action, I didn't realize I had to choose the radio button for both the section and the choice when I was doing the thumbnail rebuild as I'd never used any of those tools before.

Ami Yuy

I really hate that I can't edit, but I understand why.

Anyway, a friend has been assisting me and we found a .htaccess file in the albums folder that was redirecting to google.com.  Simply deleting this fixed the issue and the images are all showing again.  Some files do seem to possibly have been deleted, but I have back ups.  I'm chalking it up to a possibly botched server move by my webhost.

I still am going to read through the other thread and update Coppermine or switch gallery set-ups, but so far it's not too worrisome.

Thank you for your help.

phill104

That .htaccess is one of the signs of a well known hack, that is one of the signs. Just deleting that file does not mean you have sanitised your site. Often the hacker will leave a number of other files around so they can gain access later. If you do not want your efforts to go to waste then do as suggested in the Yikes thread.
It is a mistake to think you can solve any major problems just with potatoes.

Ami Yuy

I just saw that information in the second page of the Yikes thread.  I'm sorry for being confused, but if from the beginning you'd explained and said "You've been hacked and this is why I think so," I would have just gone and followed the other thread without question.

Guides are great, but I'm not going to just go blindly follow one without knowing exactly why I should be.

That's not to say I don't appreciate getting support, I do.  Thank you.

Joachim Müller

Quote from: Ami Yuy on November 18, 2009, 10:44:17 PMAlso, the version numbers are very confusing, I assumed 1.4.4 was like 1.4.40 not 1.4.04.
Why? The major and minor versions are separated by dots. Why should the four mean forty? Does the four in the sentence "I had 4 glasses of beer yesterday" actually mean "fourty"? Just a wrong assumption on your end. Trying to find explanations and excuses for such wrong assumptions is lame imo.

Quote from: Ami Yuy on November 19, 2009, 09:54:43 AMGuides are great, but I'm not going to just go blindly follow one without knowing exactly why I should be.
This is a support board. If you want explanations and stories, you could have searched the board, as requests like yours are legion. Because of the sheer number of postings we don't give explanations about how we come to our conclusions. If you want detailed explanations, search this forum for terms like "htaccess redirect" or "yikes" or "hacked". You'll find some pretty good results.

Quote from: Ami Yuy on November 19, 2009, 03:54:34 AMThere's also probably no way to recover my previous view counts* if I accidentally reset them in Admin Tools is there?  I had over 86,000 views before.  :/
We have a strict "one issue per thread" policy that you agreed to respect when signing up. That's why this posting of yours that deals with a separate issue has been ignored.

Quote from: Ami Yuy on November 18, 2009, 01:20:22 PMI haven't touched my gallery for a couple of years
That's the basic mistake: you need to keep your apps on your web server up to date. If you don't, you'll get hacked sooner or later. You just found out the hard way.

Quote from: Ami Yuy on November 19, 2009, 09:54:43 AMThat's not to say I don't appreciate getting support, I do.  Thank you.
You're welcome. In the future please resolve your threads as suggested per board rules. Marking thread accordingly for you.

Ami Yuy

Quote from: Joachim Müller on November 19, 2009, 04:32:41 PM
Why? The major and minor versions are separated by dots. Why should the four mean forty? Does the four in the sentence "I had 4 glasses of beer yesterday" actually mean "fourty"? Just a wrong assumption on your end. Trying to find explanations and excuses for such wrong assumptions is lame imo.
Wow, sorry?  I was just saying that it confused me.  Why would trying to find explanations for something that confused me be lame?  I keep that in mind next time I need to look up a word in a dictionary.

Quote from: Joachim Müller on November 19, 2009, 04:32:41 PMThis is a support board. If you want explanations and stories, you could have searched the board, as requests like yours are legion. Because of the sheer number of postings we don't give explanations about how we come to our conclusions. If you want detailed explanations, search this forum for terms like "htaccess redirect" or "yikes" or "hacked". You'll find some pretty good results.
And as I said, I could NOT find results because a) I had no idea there WAS an htaccess file until a friend spent time helping me last night after I told him that your replies confused me and b) I had no reason to think I was hacked as I said multiple times.  I searched for "broken images", which is what my problem was.  I spent a couple of hours reading through threads and Google results before I bothered you by posting here, I'm sorry to bother you because I was using the wrong search term.

Quote from: Joachim Müller on November 19, 2009, 04:32:41 PMWe have a strict "one issue per thread" policy that you agreed to respect when signing up. That's why this posting of yours that deals with a separate issue has been ignored.
That's fine, sorry for forgetting and for posting it.

Quote from: Joachim Müller on November 19, 2009, 04:32:41 PMThat's the basic mistake: you need to keep your apps on your web server up to date. If you don't, you'll get hacked sooner or later. You just found out the hard way.
Had no idea that I had to keep it up to date, it's the first one I'd ever used and I was overwhelmed installing it in the first place.  I will keep it in mind in the future.

Quote from: Joachim Müller on November 19, 2009, 04:32:41 PMYou're welcome. In the future please resolve your threads as suggested per board rules. Marking thread accordingly for you.
Thank you, I was going to as I'd seen it mentioned in another thread, but my mistake in thinking (wrongly) that since I couldn't edit my post I couldn't edit the title.  The rules I agreed to when I signed up actually did not link that thread and do not include resolving your thread or how to, I followed all of the others except for messing up the one topic rule.