forum.coppermine-gallery.net

Support => cpg1.3.x Support => Older/other versions => cpg1.3 Miscellaneous => Topic started by: GP on March 03, 2005, 01:29:30 am

Title: Security???
Post by: GP on March 03, 2005, 01:29:30 am

I installed my gallery about a week ago and everyone loves it!  ;D   However, on the night of the 28th, my host
took my site down.  They claim that someone was trying to gain unauthorized access to the server - through my
site.  They suggested that I look at the gallery files since that's the most recent changes that I've made.  Are they
full of crap and just trying to come up with an excuse or are any of you aware of vulnerabilities that I can fix? 

Title: Re: Security???
Post by: Tranz on March 03, 2005, 01:31:05 am

Which version were you using?

Title: Re: Security???
Post by: GP on March 03, 2005, 01:32:22 am

1.3.2

Title: Re: Security???
Post by: Tranz on March 03, 2005, 01:34:06 am

There are no known security issues with standalone 1.3.2. Do you know which version of php your host is using? If not, put the following into a file and access it in a browser:

Code: [Select]

<?php
phpinfo();
?>

Title: Re: Security???
Post by: GP on March 03, 2005, 01:35:25 am

php version 4.3.10.    I have the gallery integrated with SMF.

Title: Re: Security???
Post by: kegobeer on March 03, 2005, 01:59:54 am

Look in your server logs.  You may find evidence of script kiddie attempts: entries like /modules/coppermine/include/init.inc.php and crap like that, all with 404 errors.

SMF also has no known security vulnerabilities.