Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: index.htlm in userpics  (Read 2905 times)

0 Members and 1 Guest are viewing this topic.

gragossen

  • Coppermine newbie
  • Offline Offline
  • Gender: Male
  • Posts: 19
index.htlm in userpics
« on: October 04, 2009, 09:35:23 am »

I have all my "index.html"-files in albums and userpics - folders polluted with iframe nonsens from an iframe-attack. Can I just delete these corrupted files (or do I have to/can I exchange them with new and fresh dito from the original file)

Goran
gragosse     
Logged

phill104

  • Administrator
  • Coppermine addict
  • *****
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 4886
    • Windsurf.me
Logged
It is a mistake to think you can solve any major problems just with potatoes.

gragossen

  • Coppermine newbie
  • Offline Offline
  • Gender: Male
  • Posts: 19
Re: index.htlm in userpics
« Reply #2 on: October 04, 2009, 05:33:20 pm »

Thankyou for answer.

I have allready exchanged importent and working index-files in the gallery throu uppgrading. (from 1.4.19 to 1.4.25) The coppermine gallery is obviously now working just fine. No problem as far as I can judge. My question is about index.html-files in userpics-folders in general. What are they for? Do they have a task??? Can I delete them?

Goran
gragossen     
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: index.htlm in userpics
« Reply #3 on: October 05, 2009, 08:02:56 am »

Just upgrading is not enough. The thread you have been told to read by Phill contains all answers there are to your case, and all possible instructions. Like it or not, those are the only valid instructions that exist. Anything else you do is up to you.

What are they for? Do they have a task??? Can I delete them?
Find it out by navigating to one of them: they are there to make sure that nobody can browse the content of the folders if you are allowing indexes on your webserver. You can delete them if you know your way around and if you have set indexes to off. We can't tell you if that is the case, as you failed to do as suggested per board rules: you haven't posted a link to your gallery although that is mandatory to do in each support thread.

Instead of posting such questions and wondering if you can delete files that come with coppermine I suggest you do as suggested and perform the sanitization properly.

The coppermine gallery is obviously now working just fine. No problem as far as I can judge.
That's the tricky thing with getting actually hacked: there are some hackers who are just defacing your site, while others try to use your server for their own purposes without you being aware of it. So if there doesn't seem to be anything wrong that might just be because the hacker doesn't want you to notice.
Logged

gragossen

  • Coppermine newbie
  • Offline Offline
  • Gender: Male
  • Posts: 19
Re: index.htlm in userpics
« Reply #4 on: October 05, 2009, 10:18:44 am »

http://www.vulcanriders-sweden.org/cpgbilder/index.php

At the moment I am in the "WinMerge"-phase in the "Yes I´ve been hacked" restore program . I will be back.

Goran

Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: index.htlm in userpics
« Reply #5 on: October 05, 2009, 11:14:42 am »

Don't use iso8859-1. Use utf-8. Don't change the encoding unless you understand the impact!
Logged
Pages: [1]   Go Up
 

Page created in 0.017 seconds with 19 queries.