Talk:Gallery2:Security - Gallery Codex
Personal tools


From Gallery Codex

Revision as of 15:39, 15 March 2009 by Wagonlips (Talk | contribs) (Contradiction?)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
  • Add a note about cookie path / domains
  • add a note about phishing attacks
  • add a note about what measures G2 already implements for security

Security / .htaccess code

You can "Allow from" (where = some IP) to the below code in .htaccess thereby permitting access for the owner and others as needed.

<Files ~ "\.(inc|class)$"> Deny from all </Files>


<Files ~ "\.(inc|class)$"> Deny from all Allow from </Files>

You can add multiple IPs separated by "," e.g.

Allow from,

openbase_dir settings

Something that was not clear to me, I had to add the folder locations of the ImageMagick, NetPBM and ffmpeg binaries. example: openbase_dir = /web/gallery/folder/:/web/g2data:/usr/bin


I see you have even wiped the version off Special:Version.

I wouldn't bother, it is available even in the HTML source of that very page! Jidanni 04:12, 11 March 2009 (UTC)