Support ⇒ Security ⇒ Safe to allow avatar upload/linking? ⇒ Community Forums ⇒ CPG Dragonfly™ CMS
Forum IndexSecurity

Safe to allow avatar upload/linking? Reply to topic


Hi,

For a long time I've restricted my site's avatar settings to "gallery only" but now a number of users are asking for the ability to upload or link to their own avatars. I'm running DF 9.1.2.1 - should I be concerned about the security implications of enabling uploading/remote linking or are there checks in place to make this essentially a "non-issue" these days?

Many thanks for any thoughts and comments!

Note: WWW Private Listing - Staff Only

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
linux/Apache 2.4.27/MySQL 10.1.26-MariaDB/PHP 5.2.17/Dragonfly 9.2.1


no go ahead and let them. I have for all my sites. You can on this site Smile

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Multiple Setups


Thanks very much, appreciate the feedback. Would you say both options (i.e. uploading and remote linking) are equally safe or is one *potentially* more of a risk? I realise I'm sounding overly risk-averse but I have enough trouble sleeping as it is!!

Note: WWW Private Listing - Staff Only

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
linux/Apache 2.4.27/MySQL 10.1.26-MariaDB/PHP 5.2.17/Dragonfly 9.2.1


Both safe. I have several DF sites and always allow link and upload. I have setup many site been online for years allowing both with no issues at all except disk space usage Smile

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Multiple Setups


Thanks again!

Note: WWW Private Listing - Staff Only

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
linux/Apache 2.4.27/MySQL 10.1.26-MariaDB/PHP 5.2.17/Dragonfly 9.2.1

All times are UTC


Jump to: