+- ZenphotoCMS Forum (https://forum.zenphoto.org)
+-- Forum: Support (https://forum.zenphoto.org/forum-1.html)
+--- Forum: General support (https://forum.zenphoto.org/forum-4.html)
+--- Thread: Upgrade from 1.4.1.6 to 1.4.2 - Install problems (/thread-9402.html)
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - Soleil - 2011-12-19
I tried to upgrade to 1.4.2 but get always the information
"Forbidden
You don't have permission to access /albums/zp-core/setup.php on this server".
N.B. ZenPhoto has been installed in "albums".
I reinstalled ZenPhoto three times now, but get always the same information.
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - acrylian - 2011-12-19
Well, the file/folder permissions are not set correctly. Please see the troubleshooting on this.
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - Soleil - 2011-12-19
Thanks acrylian.
I put the permissions on 777 for "albums" and for ".htaccess", but keep getting the same error message. Should I change permissions anywhere else ? On all forders and files?
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - acrylian - 2011-12-19
You need to fix the permissions on "/zp-core" as the error indicates. 777 is pretty insecure though. So if you really need to do that on setup set them to more secure settings afterwards (see the troubleshooting already referred to).
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - Soleil - 2011-12-19
Thanks again acrylian.
In the meantome I put the permissions to 644 for files and to 755 for directories as you suggest in the troubleshooting. I managed to run the setup.
I found my albums again. But the images do not display. I see only their names. What to do?
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - acrylian - 2011-12-19
Please see your server's error log.
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - Soleil - 2011-12-19
Through my host, I can get only yesterday's error logs and I do not know how to get error logs through MySql. Is there another way in (ZenPhoto)to see the error logs?
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - acrylian - 2011-12-19
There is no way to get the server error logs through Zenphoto. You have to ask your provider.
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - Soleil - 2011-12-19
In the meantime, I managed to display the picture. For some reason, the permissions on my "albums" in the zenpage were set 755 instead of 755.
But CATASTROPHE! I got hacked again. And again my pages point to
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - acrylian - 2011-12-19
Quote:permissions on my "albums" in the zenpage were set 755 instead of 755.
A typo maybe?
Sorry about the new hack - we don't know if it is the same - but this can happen if the file/folder permissions are set to lax or because of numerous other things. Best contact you host as well.
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - Soleil - 2011-12-19
I meant "...750 instead of 755".
I have pages (Zenpage) introducing each album and on these pages there is a link like the following. Do you think it is dangerous ?
???
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - acrylian - 2011-12-19
That link is a normal non-modrewrite link to an image name BBBB.jpg in album AAA. Unless the site referred is not yours that is surely not dangerous.
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - Soleil - 2011-12-19
I am very thankful to you for answering so quickly. I'll write to the server host again, but last time, a few weeks ago, the answer was that is a known ZenPhoto problem.
The hacker manages to modify the .htaccess and to write into it the following (several times):
`ErrorDocument 400 The same happens in the .htaccess in the folder "albums"
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - sbillard - 2011-12-19
I your site was hacked by the original attack it is necessary to remove all the script and htaccess files as they may have been conpromised. If you have not done that, the hacker still has access to your site.
As to the 0750 permissions--that will cause any direct link to fail since the final digit prohibits access by the public.
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - acrylian - 2011-12-19
I removed the link again. We don't want to send them traffic or have our ranking hurt by linking to them.
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - Soleil - 2011-12-19
Thanks acrylian and sbillard !
Yes of course, I had cleaned my site thoroughly and I will clean it again. Let's hope I'll get rid of this nuisance. I'll let you know.
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - saltmine - 2011-12-19
Hey just had this happen to my site and thought I would contribute. In my case the hacker also uploaded two php files in various directories (same files each time). They seemed to be added to my sites root directory and the root of the zenphoto directory along with the first directory (alphabetically) in each zenphoto subdirectory.
I have gone through and removed all .htaccess files except for the one in the zenphoto directory - is there any way to generate a new one through zenphoto?
However, my site is still being redirected to site mentioned when access through a search engine. Is this something that google / bing is caching?
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - sbillard - 2011-12-20
If you just remove it and run setup you will be given an option to have setup create a new one.
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - Soleil - 2011-12-20
Maybe some know about it, but as for me I just found out that FileZilla has a search feature for remote files. Very useful, especially because it shows also the modification date and the file size and you can delete the files from the search window.
I found 12 htaccess files modified by the hacker on my server !!!!
Good to search also above www
I go on with my cleaning.....
Upgrade from 1.4.1.6 to 1.4.2 - Install problems - acrylian - 2011-12-20
That is surely a good idea. Zenphoto has only a root htaccess file by default.