Possible file upload attack!

Radi

Hi,

I just installed OpenPanel and its very nice. I am liking it, albeit thinking that it may need a more powerful server than my dummy test VPS: 4 GB RAM, 3 CPU when coupled with more websites.

During install I saw in console "Possible file upload attack!" but the install completed successfully and so far everything works. Why does this warning show up though?

stefan

Radi Hello, thank you for trying out OpenPanel!

No need for concern, this response comes from our server at support.openpanel.co, where the installation log is sent. We do this to track any warnings or errors that occur during installation, which helps us refine and improve the installation script.

The operation involves a straightforward transfer from a temporary location:

// Move the uploaded file to the target directory
if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadFile)) {
    echo "Installation log uploaded successfully." . "\n";
} else {
    echo "Warning: Potential file upload attack!\n";
}

I'll add additional checks and improve the error messaging. Thank you for bringing this to our attention.

EDIT: Opened issue #71, planned fix for v0.1.6