Image Handler 4 (for v1.5.x) Support Thread

[Chargin]

Looking at the .js files it seems its "jQuery lightBox plugin"
Im not sure why it would be looking for a different URL for the image.
Ill ask templatemonster.... they usually arent much help.....

[DivaVocals]

Looking at the .js files it seems its "jQuery lightBox plugin"
Im not sure why it would be looking for a different URL for the image.
Ill ask templatemonster.... they usually arent much help.....

No hence why I refer to them as Template Monstrosity..


Suggest unhinging their lightbox and installing one that works with IH4..

[cefyn]

I am using zen cart 1.5.1 and have become concerned about the number of hacking attempts that I see in the server error logs.I am making an effort to beef up site security and believe the images folders are vulnerable.
Image Handler4 seems to need permissions of 755 on folders in the bmz_cache and 666 on image files within the cache in order to work properly.If I protect the bmz_cache folder with htaccess is that going to be hack resistant ?

[Chargin]

Well seems it was a very easy fix to the issue I asked about here earlier. Perhaps its more of a hack but its all working now.

I edited this line in main_product_image.php and removed large/

$products_image_large = DIR_WS_IMAGES . 'large/' . $products_image_base . IMAGE_SUFFIX_LARGE . $products_image_extension;

Then just changed the Product Info - Image Large Suffix to nothing from LRG and it now works fine.


Beats installing a whole new lightbox...

[DivaVocals]

there is already an htaccess file in the bmz_cache folder

I am using zen cart 1.5.1 and have become concerned about the number of hacking attempts that I see in the server error logs.I am making an effort to beef up site security and believe the images folders are vulnerable.
Image Handler4 seems to need permissions of 755 on folders in the bmz_cache and 666 on image files within the cache in order to work properly.If I protect the bmz_cache folder with htaccess is that going to be hack resistant ?

[cefyn]

there is already an htaccess file in the bmz_cache folder

Ha,yes,well,you were a bit ahead of me there then,ahem,obviously.What I am finding hard to believe is that .htaccess can protect a folder from unauthorised users even if the permissions on it and the files and folders in it are 777.I'm testing this,and it seems to be the case.Or am I missing something? And if I am, please tell me what it is.

[cefyn]

Sorry,it's an impossible question to answer.Too many ifs and buts .It will prevent browser access by anyone,but is only safe if you're on a dedicated server secured against unauthorised sshd and sftp access.

[DivaVocals]

Ha,yes,well,you were a bit ahead of me there then,ahem,obviously.What I am finding hard to believe is that .htaccess can protect a folder from unauthorised users even if the permissions on it and the files and folders in it are 777.I'm testing this,and it seems to be the case.Or am I missing something? And if I am, please tell me what it is.

Sorry,it's an impossible question to answer.Too many ifs and buts .It will prevent browser access by anyone,but is only safe if you're on a dedicated server secured against unauthorised sshd and sftp access.

You REALLY should start a new thread to discuss this.. Your general question is only moderately related to IH4.. You could apply the same question to the default images folder as well.. If you REALLY are concerned about security and .htaccess, start a new thread..