not a support question
melzar
Member
Is there a TimThumb update for Avisio, or any guidelines to keep our sites safe?
http://blog.vaultpress.com/2011/08/02/vulnerability-found-in-timthumb/
I see that Avisio uses TimThumb here:
wp-content/themes/avisio/framework/includes/timthumb.php
Thanks!
Hey,
as far as I know timthumb isn't required/in use anymore. If you fear hackers open up the file, delete the whole code/text in the file and upload it again. It's technically impossible to execute any code in the cache folder afterwards. You can also change the folder's permission to 644 or 755.
melzar
Member
Great, thank you! I wasn't hacked, but I want to do my best to prevent it from happening!
I just deleted the timthumb.php file entirely from my site. Is that good enough, or do I need to change or update any other files? Everything on the site appears to be functioning normally.
SDChristina
Member
In case anyone has this question as well...v 2.0.3 can be downloaded from ThemeForest and has the timthumb fix.
sidenote:
hey Admin: Is there a way to be notified when an update has been made? Or...something has been posted to a thread that you're following in this forum?
Hey,
at the bottom right of every topic there is an "RSS feed for this topic" which you can subscribe to to easily check updates.
You must log in to post.
Please start by registering an account for this forum here
Create a new thread and tell me what problems you are encountering and what you want to know.
There is no step 3 :)
We try to answer all questions within a day, monday-friday.
