Secure Album for JomSocial

Recently, we discovered a major security and privacy hole in all JomSocial installations.
When a user creates an album, whether it is a profile album or a group album, the system creates a unique folder to store the images in. However, JomSocial does NOT protect the newly created folder with a blank index.html file, so anyone can access the folder contents using a direct link, thus violating users' privacy if set

We should say no more - just try Secure Album.
Furthermore, when a user deletes an album, JomSocial does NOT delete the folder with the images, leaving your server to cope with unneeded junk that will eventually slow down file indexing and the server itself.

But what can we do about it?
While waiting for the JomSocial developers to fix this obvious privacy hole, Pimentel.cc and SuburbaNS Solutions have actually given you a solution.

We have a plugin that will:
- Check user album folders and protect them with an index.html file
- Check whether each folder is declared in the database; if it is not, delete it
- Run with the user ID on system start
- Do its job once per user session (to avoid server overload)
- Delete unused folders in a safe way

You can download this plugin at SuburbaNS Solutions page.

(This plugin is only a temporary solution for your sites, as this kind of flaw should really be fixed by the original script developers.)


TEST PLUGIN BEFORE USING ON PRODUCTION SERVERS



JomSocial 2.2.1 bugfix

The official release of JomSocial 2.2.1 only protects the album folder contents by adding an 'index.html' file when the album folder is created, instead of protecting the full folder structure. We know there are some good sniffers out there that can give a complete list of the files inside a given folder path. Some folders are still unprotected.

SecureAlbum does the full job. So it is our conviction to keep this plugin available for download until the developers realize that protecting the full path makes it harder to attempt to access the files.
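The two behaviours described above (placing a blank index.html in every album folder and its subfolders, and removing folders that the database no longer declares) can be checked from the server side with a small script. The following is an added example written for this page, not the Secure Album plugin's own code and not JomSocial's API. It assumes a layout of `albums/<album_id>/...` (an assumption, not JomSocial's real path) and takes the set of declared album IDs as a plain Python set standing in for the database query. It builds a constructed sample tree in a temporary directory so it runs offline, supports a dry run that only reports what it would do, and refuses to delete anything that is a symlink or is not a direct child of the album root.

```python
import os
import shutil
import tempfile
from pathlib import Path

# Placeholder served instead of a directory listing (same idea as the plugin's blank index.html).
BLANK_INDEX = "<!DOCTYPE html><html><head><title></title></head><body></body></html>\n"


def secure_albums(root, declared_ids, dry_run=False):
    """Remove undeclared album folders, then protect every remaining folder.

    root         -- album root directory (assumed layout: root/<album_id>/...)
    declared_ids -- set of album folder names the database still declares
    dry_run      -- when True, only report; touch nothing on disk
    Returns a report dict with 'orphans', 'removed' and 'protected' lists.
    """
    root = Path(root).resolve()
    report = {"protected": [], "orphans": [], "removed": []}

    # 1. Orphan cleanup first, so no index.html is written into a folder about to go.
    for entry in sorted(root.iterdir()):
        if not entry.is_dir() or entry.is_symlink():
            continue                       # files and symlinks are never deleted
        if entry.name in declared_ids:
            continue                       # still referenced by the database
        target = entry.resolve()
        if target.parent != root:          # safety: only direct children of root
            continue
        report["orphans"].append(entry.name)
        if not dry_run:
            shutil.rmtree(target)
            report["removed"].append(entry.name)

    # 2. Protect the full folder structure, not just the top-level album folder.
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames.sort()                    # deterministic traversal order
        if "index.html" not in filenames:
            rel = Path(dirpath).relative_to(root).as_posix()
            report["protected"].append(rel)
            if not dry_run:
                (Path(dirpath) / "index.html").write_text(BLANK_INDEX)
    return report


def build_demo_tree(base):
    """Construct a sample album tree (constructed data, assumed layout)."""
    base = Path(base)
    for rel in ("albums/42/thumbs", "albums/43", "albums/99/original"):
        (base / rel).mkdir(parents=True)
    (base / "albums/42/photo1.jpg").write_bytes(b"\xff\xd8")       # fake JPEG header
    (base / "albums/43/index.html").write_text(BLANK_INDEX)         # already protected
    (base / "albums/99/original/old.jpg").write_bytes(b"\xff\xd8")  # album 99 was deleted
    (base / "albums/notes.txt").write_text("not an album folder")
    return base / "albums"


def run_demo():
    """Dry run, then real run, on the constructed tree; returns both reports and the result."""
    with tempfile.TemporaryDirectory() as tmp:
        root = build_demo_tree(tmp)
        declared = {"42", "43"}            # stands in for: SELECT id FROM album table
        preview = secure_albums(root, declared, dry_run=True)
        applied = secure_albums(root, declared)
        after = sorted(p.relative_to(root).as_posix() for p in root.rglob("index.html"))
        return preview, applied, after


if __name__ == "__main__":
    preview, applied, after = run_demo()
    print("dry run:", preview)
    print("applied:", applied)
    print("index.html files now present:", after)
```

Run it with `dry_run=True` against a real tree first and read the `orphans` list before letting it delete anything, which is the same advice the page gives about testing before production. A blank index.html only hides a listing on a web server that would otherwise generate one; the more robust fix is to disable automatic indexes in the web server itself (`Options -Indexes` in Apache, `autoindex off;` in nginx), after which placeholder files are no longer needed for that purpose.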

VEL List

As of March 12, JomSocial is listed as a Vulnerable Extension in the VEL with the status 'SID, open folders'

http://docs.joomla.org/Vulnerable_Extensions_List#JOMSOCIAL_2.0.x_2.1.x

 

This page will be removed as soon as JomSocial releases a stable fixed version.

| © 2012 Pimentel.cc | Developed by pimentel.cc |