Good day

Lately, I'm experiencing problems where users upload malicious files to the imagecache folder.

For example: /imagecache/100width_Left/r57.php_.jpg: PHP.Shell-16 FOUND and /imagecache/250h/ei3.php_.jpg: Trojan.PHP.C99Shell FOUND.

Is there any way to stop this?

Thank you.

Comments

vladan.me’s picture

I've stumbled across this issue accidentally, but I think you should either update Drupal to the latest version or try fixing it manually by following the instructions written here: https://drupal.org/SA-CORE-2013-003
In short, you need to locate the .htaccess file in sites/default/files (assuming imagecache is located under sites/default/files/imagecache) and change it to the mentioned one; hopefully that will solve your problem.

avpaderno’s picture

Category: Bug report » Support request
Priority: Critical » Normal
Issue tags: -trojan, -file upload

This module doesn't allow uploading images; it just creates a derivative of the original image. It's the module that allows uploading images that should verify that what is uploaded is really an image.
As for preventing PHP files uploaded by users from being executed, that is a Drupal core task.
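
The check described in the last comment (verify that an upload is really an image), written as an audit over an existing files directory. This is an added example, not code from this thread, Drupal or the ImageCache module; the function names, the extension lists and the sample bytes are assumptions made for the illustration.

```python
import os
import re

# Leading magic bytes of the image types an upload field would normally accept.
MAGIC = {"jpeg": b"\xff\xd8\xff", "png": b"\x89PNG\r\n\x1a\n", "gif": b"GIF8"}
IMAGE_EXT = {".jpg": "jpeg", ".jpeg": "jpeg", ".png": "png", ".gif": "gif"}
# A script extension hidden before the final one, e.g. "r57.php_.jpg".
SCRIPT_SEGMENT = re.compile(r"\.(php\d?|phtml|phar|pl|py|cgi)_?\.", re.I)
PHP_TAG = re.compile(rb"<\?php", re.I)


def classify(name, data):
    """Return a list of reasons why `name`/`data` is not a plain image."""
    findings = []
    ext = os.path.splitext(name)[1].lower()
    kind = IMAGE_EXT.get(ext)
    if kind is None:
        findings.append("extension not in image allow-list")
    elif not data.startswith(MAGIC[kind]):
        findings.append("content does not match %s signature" % kind)
    if SCRIPT_SEGMENT.search(name):
        findings.append("script extension inside file name")
    if PHP_TAG.search(data):
        # Also catches a valid image that carries PHP in its metadata.
        findings.append("PHP open tag in content")
    return findings


def audit(root):
    """Walk `root` and map each suspicious path to its findings."""
    report = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            with open(path, "rb") as fh:
                found = classify(name, fh.read())
            if found:
                report[path] = found
    return report


# Constructed samples: a minimal JPEG header and a text file posing as one.
SAMPLE_OK = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 16
SAMPLE_BAD = b"<?php /* constructed placeholder, no payload */ ?>"

if __name__ == "__main__":
    print(classify("r57.php_.jpg", SAMPLE_BAD))
```

Running `audit()` on the files directory lists what is already there; the same `classify()` logic belongs in the upload path so such files are rejected before they are stored.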