File Security

obrienkev

Hi all,

My images and folders were deleted from my site. How is this?? What do I need to change/fix??? Database Data still ok - actual folders deleted!!

I display images on my website as follows...

1/ images stored in folder. Folder marked as 755 (Read,Write,Exe for owner; read, write for others)

2/ image metadata stored in database.

Called here...

$query = "SELECT crosses ".
             "FROM funeral_images";
$result = mysql_query($query) or die(mysql_error);

// Display flowers
while($row = mysql_fetch_array($result))
{
if($row['crosses'] != "")
{                 

// filepath
$uploaddir = '../cms/uploads/funerals/crosses/';
$uploadfile = $uploaddir . basename($row['crosses']);

echo '<a class="p1" href="#"> '.
'<img src="'.$uploadfile.'" alt="Crosses" width="90" height="90" /> '.
'<img class="large" src="'.$uploadfile.'" alt="Crosses" /> '.
'</a>';
} // end if
}

I would be delighted if you could help me out!!

Thanks.

bpat1434

If you have any control what-so-ever, don't run the server as "No-one". Run it under a user who is a part of a group. Then fix your permissions to be 754 or something of the sort.

Considering that you must allow users to upload images, I'm guessing this is where the issue lies, not in the actual retrieval. So please show us the relavent code for uploading an image to your site.

void_function

Are you perhaps hosted with Lunarpages?

Ivan_

To answer your question, it is necessary to know the cause of it.
One of the cause can be hacker attack. To find the exact cause, it is necessary to look logs of statistics of site on a server.

And it is even better to write a security script which will scan all entrance variables, and to search for dangerous fragments. Such scripts are ready for the some CMS, for example PHP-NUKE. Such scripts help to prevent attacks, and to find vulnerability.

If I will have free time, I shall write article how to make similar security scripts.

If your visitors have the right to load files, vulnerability can be here. Someone has loaded a file *.php which has removed all. As it is necessary to look all commands fopen, fread. Probably, someone has crack access to administration. It is simple, if you do not have protection against pick up of the password.

Necessary to view the logs of statistic of site on a server.

obrienkev

thanks all. How do I view the stats logs?

MarkR

obrienkev wrote:
My images and folders were deleted from my site. How is this??

How could we possibly know?

Are you on shared hosting? If so, get off. At least- don't share hosting with any applications not developed by yourself specifically known vulnerable ones e.g. phpbb, *nuke etc.

Obviously you can restore them from backups, but it's more important that it doesn't happen again.

Mark

Ivan_

You can asked to your hoster about ststistics files. But, better to create your own sistem of statistic.