Hello/Hi/Greetings,
@admins
I wonder if the Plugins for Piwigo are checked for safty?
Since i installed Piwigo on my Server and added some Plugins, the mail traffic increased, i try to find out where the mail traffic comes from, would be sad i have to swich off the plugins ....
have a nice day
vinc
Offline
Hello
we cannot check extensions for security flaws etc
you can disable mail for each apache virtualhost https://serverfault.com/questions/72529 … irtualhost ; probably the same feature for nginx
Offline
Hello Flop25
if i do disable nobody would be able to send email with the contact Form, and also the underlaying Joomla would not apreciate it.
But there is not Piwigo-controll-team is ok to know it.
have a nice day
vinc
Offline
I confirm that on piwigo.org/ext there is no moderation "before publish". So yes, anyone can push a plugin with a security failure. But, thanks to our vigilant community, when such a problem occurs, the plugin is fixed quickly.
As far as I can remember, nobody as ever used this to hack some Piwigo. But it's a perfecty legitimate question :-)
I can also give you this tip: if the plugin is available on Piwigo.com, you can be pretty sure it has been reviewed ;-)
Offline
after i deactivated 12 Plugins and also needed to deinstall them the spam stopped.
but i don't know which one. sorry
Offline
vikozo wrote:
after i deactivated 12 Plugins and also needed to deinstall them the spam stopped.
but i don't know which one. sorry
which plugins?
Offline