Announcement

#1 2016-07-03 21:47:06

f3red
Member
Cold Springs (Reno), NV, USA
2015-06-11
65

/upload directories created with no protection

Hello/Hi/Greetings,

My hosting service (Dreamhost.com) keeps sending me notices like this:

We have recently scanned one or more users on your DreamHost account for
potential security threats. Unfortunately, we found some potential
indications that your website(s) *may* be compromised.

The following files/directories had insecure permissions (777), which
have been remediated.

<site>/piwigo_384th_gallery/upload/2016/06/16
<site>/piwigo_384th_gallery/upload/2016/06/17
etc...

They take action to change the protection, and there is no apparent problem (in my mind) after they do that.

1. Can these directories be deleted when uploads are completed for the day. In other words, are the image files stored there needed anymore?

2. And, do all uploads - from users AND admins - cause these directories to be created?

Inquiring minds want to know!

Piwigo version: 2.7.4
PHP version: 5.6
MySQL version: 5.6
Piwigo URL: http://photos.384thbombgroup.com/

Offline

 

Board footer

Powered by FluxBB

github twitter newsletter Donate Piwigo.org © 2002-2022 · Contact