Jump to content
Дизайн и модификация IPS Community IPBSkinsBETA
Search In
  • More options...
Find results that contain...
Find results in...
Sign in to follow this  
Bot

4.1.14.3

Recommended Posts

This release contains a security update to address a possible issue where uploaded files may execute as scripts. For this to happen, a server must be configured to allow for very loose rules for what is an executable script. Most servers will not be vulnerable to this issue but we have no way of detecting which may be so we are releasing this security update as a precaution.

It is recommended this release is installed as soon as possible.

This new version improves the security of the .htaccess protection for the /uploads folder on your site. If you have already enabled the security feature "Protect Writeable Folders From Dangerous Files", then you will need to manually update the .htaccess file which you can do simply by opening "uploads/.htaccess" in a text editor and replacing its contents with:

#<ipb-protection>
<Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$">
    Order allow,deny
    Deny from all
</Files>
#</ipb-protection>

 

Оригинал

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...