Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.
Not a member yet? Click here to register.
Forgot Password?
  1. Home
  2. Discussion Forum
  3. The Chill Out Zone
  4. Announcements & Security Issues
  5. PHPFusion 9 and 7 Security Announcements regarding ImageMime Exploits.

PHPFusion 9 and 7 Security Announcements regarding ImageMime Exploits.

Asked Modified Viewed 5,926 times
Back to Forum Index Previous Topic Next Topic
Print
C
Chan
C
Chan 0
Lead Developer of PHP-Fusion
  • Super Admin, joined since
  • Contributed 3,841 posts on the community forums.
  • Started 232 threads in the forums
  • Started this discussions
  • Answered 6 questions
asked
Super Admin

I'm strongly advising all sites on Fusion 7 and 9 to immediately update on these values to your .htaccess file soonest possible.
Code Download source

ForceType application/octet-stream
<FilesMatch "(?i).jpe?g$">
    ForceType image/jpeg
</FilesMatch>
<FilesMatch "(?i).gif$">
    ForceType image/gif
</FilesMatch>
<FilesMatch "(?i).png$">
    ForceType image/png
</FilesMatch>
0 replies

8 posts

Z
zizub
Z
zizub 10
  • Member, joined since
  • Contributed 156 posts on the community forums.
  • Started 29 threads in the forums
answered
Member

Chan - Thanks for the advice.
0 replies
R
Anonymous User
R
Anonymous User 367
  • Veteran Member, joined since
  • Contributed 939 posts on the community forums.
  • Started 2 threads in the forums
  • Answered 20 questions
answered
Veteran Member

Without this code
Code Download source
ForceType application/octet-stream


Only this
Code Download source

<FilesMatch "(?i).jpe?g$">
    ForceType image/jpeg
</FilesMatch>
<FilesMatch "(?i).gif$">
    ForceType image/gif
</FilesMatch>
<FilesMatch "(?i).png$">
    ForceType image/png
</FilesMatch>
0 replies
W
Wanabo
W
Wanabo 10
www.probemyip.com/probe-my-ip-80x15.png
 pHp-Fusion.Asia & pHp-Fusion.Fr & pHp-Fusion.Cn are available for a localized support community. Send PB for info.
  • Senior Member, joined since
  • Contributed 598 posts on the community forums.
  • Started 94 threads in the forums
answered
Senior Member

With ForceType application/octet-stream in .htaccess it seems to block css. Site looks like no css is loaded.
Without ForceType application/octet-stream site is OK.

Does the rest of the htaccess work correctly without ForceType application/octet-stream in htaccess?
0 replies
Z
zizub
Z
zizub 10
  • Member, joined since
  • Contributed 156 posts on the community forums.
  • Started 29 threads in the forums
answered
Member

My htaccess with ForceType application / octet-stream and my site is OK. Css working.
0 replies
W
Wanabo
W
Wanabo 10
www.probemyip.com/probe-my-ip-80x15.png
 pHp-Fusion.Asia & pHp-Fusion.Fr & pHp-Fusion.Cn are available for a localized support community. Send PB for info.
  • Senior Member, joined since
  • Contributed 598 posts on the community forums.
  • Started 94 threads in the forums
answered
Senior Member

Double check with browser cache emptied! Initially I didn't notice because css was cached, after flushing cache I noticed.
0 replies
K
Kvido
K
Kvido 10
Linux-Ubuntu 09.03.60, Linux/Ubuntu, PHP5, HTML5, Mozilla-Firefox 3.6.3, Opera 10.51, IE 8.0.6
https://www.nekecamweb.cz
  • Senior Member, joined since
  • Contributed 524 posts on the community forums.
  • Started 108 threads in the forums
answered
Senior Member

Writing in my .htaccess works. OK.
0 replies
— 5 months later —
H
Harlekin
H
  • Member, joined since
  • Contributed 57 posts on the community forums.
  • Started 11 threads in the forums
answered
Member

1. .htaccess do not work on Windows Server, what can i do
2 . i found no .htaccess in PHP Fusion 7.02.07
0 replies
R
Anonymous User
R
Anonymous User 367
  • Veteran Member, joined since
  • Contributed 939 posts on the community forums.
  • Started 2 threads in the forums
  • Answered 20 questions
answered
Veteran Member

.htaccess does not work on Windows Server because is only for servers based on Apache. You must convert .htaccess to Web.config.
0 replies

Category Forum

Announcements & Security Issues

Labels

None yet

Statistics

  • Views 0 views
  • Posts 8 posts
  • Votes 0 votes
  • Topic users 6 members

6 participants

W
W
Wanabo 10
www.probemyip.com/probe-my-ip-80x15.png
 pHp-Fusion.Asia & pHp-Fusion.Fr & pHp-Fusion.Cn are available for a localized support community. Send PB for info.
  • Senior Member, joined since
  • Contributed 598 posts on the community forums.
  • Started 94 threads in the forums
K
K
Kvido 10
Linux-Ubuntu 09.03.60, Linux/Ubuntu, PHP5, HTML5, Mozilla-Firefox 3.6.3, Opera 10.51, IE 8.0.6
https://www.nekecamweb.cz
  • Senior Member, joined since
  • Contributed 524 posts on the community forums.
  • Started 108 threads in the forums
C
C
Chan 0
Lead Developer of PHP-Fusion
  • Super Admin, joined since
  • Contributed 3,841 posts on the community forums.
  • Started 232 threads in the forums
  • Started this discussions
  • Answered 6 questions
H
H
  • Member, joined since
  • Contributed 57 posts on the community forums.
  • Started 11 threads in the forums
Z
Z
zizub 10
  • Member, joined since
  • Contributed 156 posts on the community forums.
  • Started 29 threads in the forums
R
R
Anonymous User 367
  • Veteran Member, joined since
  • Contributed 939 posts on the community forums.
  • Started 2 threads in the forums
  • Answered 20 questions

Notifications

Track thread

You are not receiving notifications from this thread.

Related Questions

Not yet