Waqas Dar 7,050 Posted September 6, 2016 Posted September 6, 2016 This release contains a security update to address a possible issue where uploaded files may execute as scripts. For this to happen, a server must be configured to allow for very loose rules for what is an executable script. Most servers will not be vulnerable to this issue but we have no way of detecting which may be so we are releasing this security update as a precaution. It is recommended this release is installed as soon as possible. This new version improves the security of the .htaccess protection for the /uploads folder on your site. If you have already enabled the security feature "Protect Writeable Folders From Dangerous Files", then you will need to manually update the .htaccess file which you can do simply by opening "uploads/.htaccess" in a text editor and replacing its contents with: #<ipb-protection> <Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$"> Order allow,deny Deny from all </Files> #</ipb-protection> View the full article 0 Quote ⚡ Quick Access & Member Actions 📝 Create Account / Register 🔐 Member Login 🔍 Search Everything 🔥 Activity Feed (Live Updates) 🏠 Go to Portal Home 📩 Contact Admin Support ❓ Help & Support Center 🏆 Community Leaderboard 👨💼 Forum Staff Team 📜 Terms & Rules 🔒 Privacy Policy 📢 Forum Announcements
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.