Author Topic: Yikes, I've been hacked! Now what?  (Read 25472 times)
Joachim Müller Topic starter
Administrator
« Reply #20 on: June 19, 2009, 06:53:33 pm »

Hidden files
On Linux/Unix-driven webservers (most webservers are Linux/Unix-driven, which is great in terms of stability and performance), hidden files/folders have a leading dot in their names. This is different on Windows, but easy to understand.
As the name suggests, hidden files usually are not being displayed. That's a fact that legitimate applications like the webserver "Apache" use: the configuration file for that webserver usually is a hidden file named .htaccess (mind the leading dot). The presence of a .htaccess file (and even several of them) is not a bad thing in itself, nor is it an indication of a hacking attempt if there are one or more of those .htaccess files on your server. Your server and the FTP application you use to control it usually is configured not to display hidden files (remember: they start with a dot in their name), so you won't be aware of .htaccess-file(s) existing on your webspace. However, with such a webserver configuration file, hackers can make all kinds of unwanted things happen, like redirecting. Hackers often use the fact that their victims are not very experienced and therefore hardly know about the power of .htaccess files.
There is an exploit (the payload of a hack) that drops a .htaccess file into the gallery folder that redirects all images to Google, which results in all images embedded into your gallery appearing to be broken.
Therefore: before starting the sanitization by downloading the working copy to your PC, make sure that hidden files (if they exist) are being transferred from your webspace to your local working copy: this way, you can examine .htaccess files that may exist on your webspace. Those .htaccess files are plain-text files that you can view with any plain-text editor (notepad.exe will be fine). If you're not sure about what a particular .htaccess file does, just temporarily remove it from your server (i.e. keep a backup somewhere) and test if anything works as expected. You might just as well rename it (e.g. from .htaccess to htaccess_renamed) to check. There may be .htaccess files on your webspace that your webhost put there, so don't panic if you see such a file. When in doubt, ask your webhost for support - ask them if they put the file there. Alternatively, post the content of your .htaccess file on the support board if you're not sure and ask for help with it.
Coppermine itself doesn't come with a .htaccess file, so if neither you nor your webhost have created a particular .htaccess file, it probably is the payload of a hacking attempt, so try to delete it (keep a backup!) and see what happens then.
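One way to run the check described in the post above over the downloaded working copy, as an added example that is not part of the original post or of Coppermine: it lists every .htaccess file, hidden folders included, and points out the redirect and rewrite lines to read first. The sample folder and its two files are constructed, and the directive list is an assumption about which lines deserve attention, not a complete check.

```python
import os
import re
import tempfile

# Apache directives that can redirect or rewrite requests (mod_alias, mod_rewrite, core).
REDIRECT_DIRECTIVES = re.compile(
    r"^\s*(Redirect(?:Match|Permanent|Temp)?|RewriteRule|RewriteCond|ErrorDocument)\b",
    re.IGNORECASE,
)
EXTERNAL_URL = re.compile(r"https?://[^\s\"']+", re.IGNORECASE)

def find_htaccess(root):
    """Return paths of every .htaccess file below root, hidden folders included."""
    hits = []
    for folder, _dirs, files in os.walk(root):
        if ".htaccess" in files:
            hits.append(os.path.join(folder, ".htaccess"))
    return sorted(hits)

def review_htaccess(path):
    """Return (line_number, directive, external_urls) for each line worth reading."""
    findings = []
    with open(path, encoding="utf-8", errors="replace") as handle:
        for number, line in enumerate(handle, start=1):
            if line.lstrip().startswith("#"):
                continue  # comment lines have no effect on the server
            match = REDIRECT_DIRECTIVES.match(line)
            if match:
                findings.append((number, match.group(1), EXTERNAL_URL.findall(line)))
    return findings

def scan(root):
    """Map each .htaccess path (relative to root) to its findings."""
    return {os.path.relpath(p, root): review_htaccess(p) for p in find_htaccess(root)}

def build_sample_copy():
    """Constructed working copy: a redirecting file in the gallery root, a harmless one below."""
    root = tempfile.mkdtemp(prefix="gallery_copy_")
    os.makedirs(os.path.join(root, "albums"))
    with open(os.path.join(root, ".htaccess"), "w", encoding="utf-8") as f:
        f.write("# constructed sample\nRedirectMatch \\.(jpg|gif|png)$ http://www.google.com/\n")
    with open(os.path.join(root, "albums", ".htaccess"), "w", encoding="utf-8") as f:
        f.write("Options -Indexes\n")
    return root

if __name__ == "__main__":
    for path, findings in scan(build_sample_copy()).items():
        print(path, findings or "no redirect directives")
```

An empty result for a file only means it contains none of the listed directives; the file still needs to be read and its origin confirmed.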
Joachim Müller Topic starter
Administrator
« Reply #21 on: June 19, 2009, 06:54:40 pm »

No support
I'm not ready to support this thread, it comes as-is, as a courtesy for those who find it helpful. Please do not start new threads that refer to this thread with further questions. Under no circumstances are you allowed to contact me individually (by PM or email).