Closed imorland closed 1 month ago
Spammers are composing a new post, uploading files to my server, not posting, and then using URLs to those files in their spam emails. I can't be giving spammers free hosting! Now that the spammers know about this exploit and are abusing it, all fof-upload users are at risk.
Is it safe to uncomment MapFilesCommand
and run it? I'm using only adapters: default file download, just URL, and complete image preview template.
I removed my site from the showcase since I expect now that spammers know Flarum can be abused, having a collection of sites to exploit is convenient.
This issue has been automatically closed because it received no activity for three months. If you think it was closed by accident, please leave a comment. If you are running into a similar issue on the latest version, please open a new issue. Thank you.
Related: #360 #352 #333
Reported on discuss: https://discuss.flarum.org/d/4154-friendsofflarum-upload-the-intelligent-file-attachment-extension/2234