Php photo gallery TWG | JFUploader | TWG Flash upload | WFU | Forum

Get help for TinyWebGallery, the best image gallery. The forum is also home for the Joomla JFUploader, TWG Flash Uploader and the Wordpress flash uploader.
It is currently 28. Mar 2024, 14:35

This forum is readonly now. Please use the new forum if you don't find the answer to your question here. The new forum is at https://www.tinywebgallery.com/blog/forum/


All times are UTC + 1 hour [ DST ]




Post new topic Reply to topic  [ 11 posts ] 
Author Message
PostPosted: 11. Aug 2006, 21:09 
Offline

Joined: 24. Feb 2006, 16:02
Posts: 10
One of my 1.4.2 installations has been hacked. Please let me know to which email adress i can sent information about this (if there is a leak somewheren i don't think its good to tell in which file it is on the forum). Not untill there is a solution.


Top
 Profile  
 
 Post subject:
PostPosted: 13. Aug 2006, 17:38 
Offline
Site Admin
User avatar

Joined: 1. Aug 2005, 12:53
Posts: 11232
send it to my email



Michael


Top
 Profile  
 
 Post subject:
PostPosted: 14. Aug 2006, 16:04 
Offline
Site Admin
User avatar

Joined: 1. Aug 2005, 12:53
Posts: 11232
It not a problem of TWG but of one of the provided example files!
I'll change the zip file that a .htaccess file is in this directory that prevents external access!
Additionally I have added a define to these files that they can only be included by TWG!

/Michael


Top
 Profile  
 
 Post subject:
PostPosted: 16. Aug 2006, 11:52 
Offline
User avatar

Joined: 5. Aug 2005, 19:39
Posts: 77
ditto.

the "open" dirs all contain sh*t that should not be there. Plus I have been receiving tons and tons and tons and tons (!) of german spam since I started running TWG. I am pretty unhappy at the moment...I thought I had found a simple photo-album script, it seems it is too simple to be safe.

And updating is not an optioneither , since it takes ages and ages.


Top
 Profile  
 
 Post subject:
PostPosted: 16. Aug 2006, 12:21 
Offline
Site Admin
User avatar

Joined: 1. Aug 2005, 12:53
Posts: 11232
Hi,

TWG itself is save.

This is an example dir that should actually not be upladed at all - simply delete the "examples" folder.
It the current update I have protected this folder too.

You don't have to update - a small delete does the fix!

Any why are you getting german spam? Define spam? I only send messages from the forum once in a while - thats it.
From where should the spam come from? I have all 3 demo running since ages and never got one spam email! The only thing I can think of that robots scan the forum for email addresses and use them for spam - Then you have to hide you email - thats it.

And I do updates of TWG almost 10 times a day! takes me less the 5 minutes per update!

/Michael


Top
 Profile  
 
 Post subject:
PostPosted: 16. Aug 2006, 12:40 
Offline
User avatar

Joined: 5. Aug 2005, 19:39
Posts: 77
do you have 2000+ pictures that are linked to from other pages ? Copying the links takes a month by itself. Thats why updating takes ages.

I got your message (not spam :wink: ) telling about the security issue. That's why I took a look in the first place. I removed the examples/ folder and I am praying this solves the prob. My hoster is trying to get rid of all the non-native files that were left on the server.

And spam is spam. Adds for plastic palmtrees, and I do not know what else. In the german language. I never got any spam from / in German(y) untill (hm) 6 months ago. I might be a coinsidence that this is around the time I registered.


Top
 Profile  
 
 Post subject:
PostPosted: 16. Aug 2006, 13:01 
Offline
Site Admin
User avatar

Joined: 1. Aug 2005, 12:53
Posts: 11232
Updating TWG does not change the links.

but do you use TWG to collect 2000 images from other sources?
or to you have links from many sources to the images?

About the spam - TWG itself cannot be the problem.

But if robots scan the forums for emails and add them ....
The only problem is that I don't get any spam over the email here in the forum - maybe I have an excellent spam filter.

all other files from TWG are protected agains external access by either .htaccess files or checks of the parameters (like index.php, image.php ...).

/Michael


Top
 Profile  
 
 Post subject:
PostPosted: 16. Aug 2006, 13:24 
Offline
User avatar

Joined: 5. Aug 2005, 19:39
Posts: 77
I have 2000+ pictures, and webpages point to the TWG page that shows the picture. I do not "allow" linking straight into the picture, showing just the picture.

(catalog-like thing)

(just looked it up: 5439 pictures :oops: )


Top
 Profile  
 
 Post subject:
PostPosted: 16. Aug 2006, 14:14 
Offline
Site Admin
User avatar

Joined: 1. Aug 2005, 12:53
Posts: 11232
5400 pictures - new TWG record!

Is the speed still o.k? - My testinstall hast "only" 1300 images.

/Michael


Top
 Profile  
 
 Post subject:
PostPosted: 16. Aug 2006, 15:17 
Offline
User avatar

Joined: 5. Aug 2005, 19:39
Posts: 77
-> http://www.kerstdorpen.nl/catalog2


Top
 Profile  
 
 Post subject:
PostPosted: 16. Aug 2006, 15:28 
Offline
Site Admin
User avatar

Joined: 1. Aug 2005, 12:53
Posts: 11232
speed is good on my machine ;).

I you want to speed it up you should change the colage to a single image ;).
Just in case :wink:

/Michael


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 11 posts ] 

All times are UTC + 1 hour [ DST ]


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
cron
powered by phpbb | Datenschutz/ Privacy policy