TimThumb Troubleshooting Secrets

TimThumb is no longer supported or maintained.
More information →

I often get asked questions about TimThumb and why it doesn’t work in certain situations. I can generally tell what is wrong with the script within about 60 seconds of being sent a demo url. Below are my top tips for debugging TimThumb issues.

Keep TimThumb up to Date

This is super important. TimThumb should always be kept up to date. I regularly publish bug fixes and improvements and often the problems listed below will actually be fixed already if you only used the latest version. Just grab the latest version of TimThumb from Google Code and upload it. Is your problem fixed now? If so then great! 🙂 If not then read on and we’ll sort it out!

If you’ve not heard of TimThumb before then it’s a simple PHP file used to resize images dynamically. You can read more about it, and find some ‘getting started’ style hints and tips on the TimThumb Project Page.

TimThumb Secrets

  1. Right Click > View Image – If an image isn’t loading then this is the first thing you should do. 9 times out of 10 it will tell you what the problem is in an easy to read error message.
  2. Supply an Image url – this is surprisingly common. TimThumb is clever, but unfortunately it needs to be fed image paths so that it knows what to resize. This is pretty fundamental, you can read more info on getting started with TimThumb here.
  3. urlencode(url-with-parameters); – if the image you are resizing is a dynamic one (ie, it has &skdh=khdkfs&ksjdsjd=ksh) then it is unlikely to resize properly. Simply change your image url so that it is wrapped in a call to the urlencode PHP function. This is something I would always recommend doing as it will encourage TimThumb to work in more situations.
  4. Cache Directories do not exist – For TimThumb to work properly you need to have a cache directory called cache sitting alongside the timthumb.php file.
  5. Cache Directory Permissions – the cache directory should exist inside the same directory as TimThumb. It should have permissions set to 777.
  6. More Cache Directory Permissions – if 777 doesn’t work then you may find 755 is ok. It’s worth a try, but not something I have seen very often.
  7. Cross Domain Request – for security TimThumb restricts cross domain requests. Certain websites, such as Flickr, are allowed by default, but if you want to load an image from another website then you need to make sure it’s added to TimThumb. You can read about cross domain TimThumb requests on a previous post.
  8. File Permissions – some web hosts won’t execute PHP code if it sits in directories that have permissions set to 777. So make sure that any directories ‘above’ the timthumb.php file are set to a normal level of permissions (644 is good).
  9. Use with WordPress mu/ multisite – It’s a common misconception that TimThumb doesn’t work with WordPress Multisite. That’s not true at all. All Pro Theme Design themes use TimThumb and work fine with the multisite version of WordPress. To make it work you need to customise your theme, and there’s info on this in my tutorial here.
  10. Server Requirements – this should go without saying really but TimThumb requires PHP and the GD image library. These are really really common so you shouldn’t have any problems. If you find yourself without these installed then ask your webhost and many will install the software for you – if they don’t do the installation it’s probably worth considering a new host.
  11. Image Formats – make sure that the images are one of jpg, gif, or png or they won’t be resized.
  12. index.html – to prevent the cache files from being browsable an index.html file is created in the cache directory. This file should have it’s permissions set to 666

Let me know what you think on Mastodon, or BlueSky (or Twitter X if you must).

Related Posts

05 Aug 2010

Using TimThumb part 1: Getting Started

TimThumb has always been built with simplicity in mind. However there are a few things it can do that have not been exposed before.Inspired by a comment from RBhavesh I have decided to write a series of posts in which...
11 Oct 2009

How to Make TimThumb Work With WordPress Multisite

TimThumb is a popular image resizing script that was created for Mimbo Pro – but it’s never worked properly with WordPress MU, so I wanted to change that.The reason it doesn’t work is quite simple. Because of the way WordPress...
12 Aug 2010

Using TimThumb Part 2: External Websites

Of all the TimThumb feature requests the most popular are being able to crop an image from a specified location, and being able to load images from external websites. Resizing images from external images was added at the start of...
01 Jul 2014

I No Longer Use TimThumb – Here’s What I do Instead

Last week there was a second exploit found in TimThumb. Thankfully it was no-where near as bad as the first one – but it raised an interesting question of whether TimThumb is even needed anymore.TimThumb was made to be useful...
15 Mar 2012

TimThumb Configurations

As a TimThumb user, making changes to the settings has always been a bit of a pain. It’s possible, of course, but if you make changes – and then want to update the script – then you have to make...
26 Jun 2014

New TimThumb Exploit Found

It’s been reported today that there is a new TimThumb exploit found. Unfortunately nobody told me about this before the exploit was announced – in fact I found out about the bug through wptavern.com so I haven’t been able to...