MarkMaunder dot com

WordThumb now uses a secure public cache for compatibility

UPDATE: WordThumb has now been merged into TimThumb and has become TimThumb 2.0. Please head over to the TimThumb site now for updates and to get the code.

The latest version of WordThumb (just uploaded) uses a public cache again (the same place TimThumb does) because many system temporary folders are not writeable.

This public cache is part of what caused the timthumb vulnerability, so I’ve made it more secure as follows:

  • Using a .txt extension for all cached files, so a correctly configured server serves them as text rather than executing them.
  • Using a salted md5 for filenames, so an attacker can't predict the name of a cached file from the source URL. This only makes things a little harder: on a badly configured server they could still get a directory index and access the files that way.
  • Adding a <?php die(); ?> to the start of every cached file. That way, if a hacker manages to guess a filename and for some reason the server decides to execute a .txt file, as a last resort it will simply die.
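The three cache hardening steps above, shown together as an added example (this is not WordThumb's or TimThumb's own code). The constant and function names, the cache directory and the salt value are assumptions; the "image" bytes written at the end are constructed.

```php
<?php
// Added example, not WordThumb/TimThumb code. Demonstrates a public cache
// whose entries use a .txt extension, a salted md5 filename, and a
// "<?php die(); ?>" prefix on every file.
// Assumed names: CACHE_DIR, CACHE_SALT, CACHE_PREFIX, cache_path(), cache_put(), cache_get().

define('CACHE_DIR', sys_get_temp_dir() . '/wordthumb_cache_example');
// Assumed per-site secret. If it leaks, filenames become predictable again,
// and a directory index on a misconfigured server exposes them regardless.
define('CACHE_SALT', 'replace-with-a-long-random-secret');
define('CACHE_PREFIX', "<?php die(); ?>");

// Filename is the salted md5 of the source URL, always ending in .txt so a
// correctly configured web server serves it as text instead of running it.
function cache_path(string $url): string {
    return CACHE_DIR . '/' . md5(CACHE_SALT . $url) . '.txt';
}

// Store the image bytes behind the die() prefix. LOCK_EX keeps a concurrent
// reader from seeing a half-written file while another request fills the cache.
function cache_put(string $url, string $imageBytes): bool {
    if (!is_dir(CACHE_DIR) && !mkdir(CACHE_DIR, 0700, true)) {
        return false;
    }
    $written = file_put_contents(cache_path($url), CACHE_PREFIX . $imageBytes, LOCK_EX);
    return $written !== false;
}

// Read an entry back, refusing anything that lacks the prefix: a file that
// someone else dropped into the cache directory is not one of ours.
function cache_get(string $url): ?string {
    $path = cache_path($url);
    if (!is_file($path)) {
        return null;
    }
    $raw = file_get_contents($path);
    if ($raw === false || strncmp($raw, CACHE_PREFIX, strlen(CACHE_PREFIX)) !== 0) {
        return null;
    }
    return substr($raw, strlen(CACHE_PREFIX));
}

// Usage with constructed, fake JPEG-like bytes (not a real image).
$url  = 'http://example.com/images/photo.jpg';
$fake = "\xFF\xD8\xFF\xE0 constructed payload";
cache_put($url, $fake);
echo basename(cache_path($url)), "\n";
echo (cache_get($url) === $fake ? 'round-trip ok' : 'round-trip FAILED'), "\n";
```

The prefix check in cache_get() is the reader-side counterpart of the die() trick: the cache only ever hands back data it wrote itself, and the prefix is stripped before the bytes are sent to the browser.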



My name is Mark Maunder. I've been blogging since around 2003 when I started on Movable Type and ended up on WordPress which is what I use to publish today. With my wife Kerry, I'm the co-founder of Wordfence which protects over 5 million WordPress sites from hackers and is run by a talented team of 36 people. I'm an instrument rated pilot and I fly a Cessna 206 along with a 1964 Cessna 172 in the Pacific Northwest and Colorado. I'm originally from Cape Town, South Africa but live in the US these days. I code in a bunch of languages and am quite excited about our emerging AI overlords and how they're going to be putting us to work for them.