Sinister cpg events Sinister cpg events
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Sinister cpg events

Started by tumnus, January 30, 2005, 02:18:51 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

tumnus

Attack of the disappearing images.... part the second.

A continuing tale to make thee all beware, or something...

Ok, so maybe some of you noticed my other post from when a client's coppermine got all its images erased somehow. it was a bit like this:

Quote from: tumnus on January 03, 2005, 08:00:37 PM
Hiya. I've just gone through the arduous and boring task of re-uploading and re-filling a client's coppermine gallery. I admin it, and he does the uploads.
Last week though, all the folders in his gallery with 777 permissions have been utterly cleared out.
My ISP is getting back to me with the server logs, but is there any means by which i can avoid this is future?
must it be 777?

and anyway, i presume the average http user wouldn't know how to do this, right?

They told me in the end that the logs were rotated and gone, which i wasn't too impressed with.

Now, having re-uploaded the latest cpg (with watermark hack) it's gone and happened again. Same as last time the site's all there, but most of the images are gone. It's still only him that logs into the cpg, at home, where all is trustable. Only I ftp it and I'd know if someone got the ftp pass for my sites off me... they'd all be going down.

This time round, i'm getting a bit more attention from my server folk, but i chmodded all 777s to 755 wherever i could get away with it. But whatever this event is, i notice sinisterly that it waited til my client had done lots of uploading before emptying the site out.

If anyone can shed me any light or suggestions on this, that'd rule. If not..... warning!

and what kind of inside job did you mean here, kegobeer?
Quote from: kegobeer on January 03, 2005, 09:05:08 PM
This sounds like an "inside job", and in that case permissions wouldn't really matter.

and btw: with all this jazz going on, how am i gonna keep the site up other than daily backup by ftp? is it even worth it, do you think? My client's already prodding me to go to a new provider. Any suggestions for good providers to run cpg in?
Be kind, man. Don't be mankind.

kegobeer

An inside job = someone with access to your site via ftp/control panel/etc.  No hacking required.

I would definitely move to another host.  There are a bunch of good ones out there.  You need to evaluate how much traffic your site gets per month, the transfer per month, how much you are willing to pay, etc.  I think there is already a thread about recommended hosts.
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots