How can I increase security levels in gallery?

mrinnoncent · December 19, 2006, 09:35:20 AM

I have recently read some where that one of the user using coppermine gallery latest version was tried to be hacked, by placing some index file,help.zip,a.asp & some other files.

How can I prevent myself from tht kind of danger ?

Joachim Müller · December 19, 2006, 09:46:02 AM

The most recent version (cpg1.4.10) should not be vulnerable against such attacks. You mustn't allow the upload of potentially harmful files (PHP, PL etc.). There is an Apache flaw that allowed files named foo.php.rar to be parsed as PHP files. This flaw has been fixed some versions ago. Bottom line: if you really use cpg1.4.10, you should be save. If you don't, upgrade asap.

Quote from: mrinnoncent on December 19, 2006, 09:35:20 AM
I have recently read some where

Where exactly? Please post a link.

mrinnoncent · December 22, 2006, 09:45:16 AM

ok sent you pm of my address

Joachim Müller · December 22, 2006, 10:28:56 AM

I didn't ask for a PM. I told you to post your URL. Ignoring PM.

mrinnoncent · December 24, 2006, 07:18:35 AM

I didn't want the url to go public. thtz the reason pmed u.

Joachim Müller · December 24, 2006, 08:19:16 AM

Haven't asked for the URL of your site, but the address where you claim to have read about the potential flaw.

mrinnoncent · December 31, 2006, 09:19:21 AM

itz my friend's website :-\

Joachim Müller · December 31, 2006, 11:23:59 AM

Then post the URL, for christ's sake

. Is your friend an authority in stuff related to Coppermine, or is this just a matter of the blind leading the blind?

Tranz · December 31, 2006, 06:19:14 PM

Also, you said "tried to be hacked". Was the attempt successful? Attempts do not equal success.

coppermine-gallery.com/forum

News:

How can I increase security levels in gallery?

mrinnoncent

Joachim Müller

mrinnoncent

Joachim Müller

mrinnoncent

Joachim Müller

mrinnoncent

Joachim Müller

Tranz