I have recently read some where that one of the user using coppermine gallery latest version was tried to be hacked, by placing some index file,help.zip,a.asp & some other files.
How can I prevent myself from tht kind of danger ?
The most recent version (cpg1.4.10) should not be vulnerable against such attacks. You mustn't allow the upload of potentially harmful files (PHP, PL etc.). There is an Apache flaw that allowed files named foo.php.rar to be parsed as PHP files. This flaw has been fixed some versions ago. Bottom line: if you really use cpg1.4.10, you should be save. If you don't, upgrade asap.
Quote from: mrinnoncent on December 19, 2006, 09:35:20 AM
I have recently read some where
Where exactly? Please post a link.
ok sent you pm of my address
I didn't ask for a PM. I told you to post your URL. Ignoring PM.
I didn't want the url to go public. thtz the reason pmed u.
Haven't asked for the URL of your site, but the address where you claim to have read about the potential flaw. ::)
itz my friend's website :-\
Then post the URL, for christ's sake ::). Is your friend an authority in stuff related to Coppermine, or is this just a matter of the blind leading the blind?
Also, you said "tried to be hacked". Was the attempt successful? Attempts do not equal success.