-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Scott Silva Sent: Friday, June 26, 2009 7:50 PM To: centos@centos.org Subject: Re: [CentOS] Web photo gallery options [Solved]
Anyway, I installed Gallery2 yesterday evening and finished up way late. It works sort of. I feel I need to read up on security best-practices with regard to mysql and also how to deny folder listings. As it is now I think mysql is seriously insecure for world access, and the folder listing shows the gallery2 contents to the world. I'll look into it this weekend.
If mysql and the gallery soft ware are on the same server, then you don't need to open up mysql to the world. The gallery software should be able to access the DB over the localhost address, and you could firewall off outside access to mysql.
Yupp, that's what I did.
I had some other problems with a folder listing being visible for some reason on someurl.com/gallery2, so I ended up installing Gallery1 instead, but this one couldn't process any pictures because it though Image Magick and/or Netpbm wasn't installed (it was...), but the folder listings weren't there at least. I'll probably end up installing Gallery2 anyway. Need to read up on mysql and apache some more though, it might be a good idea anyway. The whole thing is resting right now. 8-)
Thanks for the hint though.