407 thoughts on “TimThumb Troubleshooting Secrets Leave a comment

  1. Hi,

    I am using WordPress 3.1.4 and a theme called Austerity. Having replaced the old version of timthumb.php with the latest version (i.e. http://timthumb.googlecode.com/svn/trunk/timthumb.php) I now get an error message “Error loading image” when going to the home page of my site and none of the images on the page load.

    If I right-click on the text link where one of the images should be, it appears to be pointing correctly to the image, e.g. http://www.truth2power.co.uk/wp-content/themes/austerity/timthumb.php?src=http://www.truth2power.co.uk/wp-content/uploads/2011/07/slide01.jpg&h=400&w=960&zc=1&q=100 and the image itself is not corrupted (I can see it fine in my browser if I navigate to it directly).

    I have checked and the images on this page all load fine if I replace timthumb.php with the old version (with the vulnerability). I obviously don’t want to leave my site open to compromise, please could you advise me what I can do?

    Cheers,

    Phil

  2. Hey Ben,

    Thanks for a great plugin. I am having a small issue.

    If you visit this URL you will notice three thumbnails in the recent posts widget.

    http://www.greensborobirthpartners.com/blog/

    the first image showed up, with no issues, but when two other authors posted the thumbnail was linked to the default image.

    Is this anything you can help me with.

  3. Is there a way to force timthumb.php to use the full url for displaying thumbnails. I’m sure this is an issue with WordPress and windows servers but..

    This doesn’t work:

    src=”http://server-name/wordpress/wp-content/themes/LondonLive/thumb.php?src=/wp-content/uploads/2011/09/Cinema20Al-xlarge-1024×899.jpg

    And this does:

    src=”http://server-name/wordpress/wp-content/themes/LondonLive/thumb.php?src=http://server-name/wp-content/uploads/2011/09/Cinema20Al-xlarge-1024×899.jpg

    I don’t know PHP so can someone tell me how to change timthumb.php to generate full urls?

    Thanks for any help anyone can give

  4. Hi there, I was able to install yamidoo_pro on my website… all of the sudden google emails me stating that I was sending a bunch of spam and that one link of my website was bogus asking for credit card info… it turns out it was coming from the scripts/cache folder that your instructions says to change to 777 to display the images correctly… if I leave it as 777 I am afraid that someone will write again on that folder… if I change it to 755 the images don’t work… have you heard anything about this?

    Thanks for your help, awesome instructions… which helped me get the site going.

  5. Thanks alot! Like you said, the problem would be generally solved within 60 seconds! It took me ten seconds to fix it, just with step 1 🙂
    Thanks!

  6. I setup Timthumb on my page and it works perfectly. But i think the caching isnt working. The page is slow if high traffic hits (has a standalone server) and the files in the /cache directory renew themselves every day, although i set the cache time to 864000. hmm

  7. since updating to the new timthumb version, it just stopped working.

    i am on WP 3.2.1, object to 1.7.1 and framework to 4.5.3.

    i am getting a “bad request” when trying to run the thumb.php.

    the host (godaddy) says that the thumb.php has either a buggy code (hence the refusal to execute the script) or that it is trying to do something not allowed by godaddy.

    Permissions are set up correctly (that site is on a shared window server so i can’t change permission of that specific file but the file inherit the permission from its folder which are set up correctly).

    you can see it here:
    http://www.laboutique-galerie.com/wp-content/themes/object/functions/thumb.php?src=wp-content/uploads/2011/09/CSTM01-680×1024.jpg&w=220&h=220&zc=1&q=100

    I re-installed a fresh WP/Wootheme/wooframework in a sub folder on the same server and i am getting the same result (broken images)

    http://laboutique-galerie.com/2012/

    Do we know if thumb.php works on shared window server or does it has to be on a linux server? Can you think of anything that could trigger this “bad request” message?

    thank you for your time.
    [a]

    1. leaving a reply to my own querry: I moved the site from a shared window server to a shared linux server (still on godaddy) and timthumb.php is magically working again. [a]

  8. hi,ben, I have a question use TimThumb, PHP error:

    PHP Warning: filemtime() [function.filemtime]: stat failed for cache/49d1938afa849730365807cab3ade2f2.png

  9. Hello,
    I’ve been struggling to get my site up for about 2 weeks now. The thumbnails on my services page just wont show up. I’ve tried almost every tip on this page. The only thing I really notice is that when I load the page in firebug and inspect the element, they say that this link failed to load:
    http://esemg.com/wp-content/themes/Theme/blacklabel/framework/timthumb.php?src=http://esemg.com/wp-content/uploads/2011/08/consultarrow.jpg&h=110&w=190&zc=1

    Page with the broken thumbnails:
    http://esemg.com/services-2/

    Thanks to anyone who think of anything. Thanks.

  10. My site was working fine up until I updated it a couple days ago with WordPress 3.2.1. I know the theme I am using which has TimThumb built into it is no longer supported and I updated the TimThumb.php file.

    My problem is when on any page in the sidebar, all the Popular post images are the same and don’t correspond with the posts. This is wierd, but what is more insane is that the thumbs for the featured post area all work fine. I checked out where the script is being called and they both seem to match up. I am wondering if you have any insight on why this is happening.

    Any help will be great help!

  11. Dear Sir, after reading your blog i have deleted my VERSION’, ‘2’ timthumb.php and now i have uploaded VERSION’, ‘2.8’

    Please tell me is it safe and i m allowing only my website where i am uploading my pictures.

    Regards

  12. Hi, I really love Timthumb, so first of all thanks for Your effort! Now, I’m wondering if it’s possible to use Timthumb in some other way, like just in the PHP process itself. For example like:

    $timthumb = new timthumb();
    $new_timthumbed_img = $timthumb->crop($_FILES[‘my_file’][‘tmp_name’], $width, $height);

    This is just an example. I think it would be absolutely awesome if we could use timthumb this way, too, and easily create the filter effects or anything else with it.

    All the best and sorry for my bad English 😉
    .wired

    1. Hi There. This is a nice idea but it would need a fork of the code, and then modifications, to do this as TimThumb is designed to display the images and not to just generate them.

  13. Hello!

    I’m using timthumb for a while, but this time I do not realize what is wrong with one image:
    http://goo.gl/uwno3
    It says
    file not found
    Query String : zc=1&q=80&a=c&src=http://drumliber.ro/wp-content/uploads/2009/08/Image0142+.jpg&w=140&h=140&siteName=devsally
    TimThumb version : 1.25
    But if I only get the link of the image it can be loaded in the browser; the file permissions seem to be ok.

    (It runs quite well for everything else: thumbnails in the bottom of the pages, eg. http://goo.gl/rDL73 )
    Thanks!

  14. Hi Ben,

    It’s a great script but unfortunately, I’m having a bit of an issue with getting it going. I have the php code which pulls the featured image set as the src. I’ve confirmed that it does in fact pull the featured image, except when I have it set as the source in the timthumb line of code. When I set it in there, I get this on my page:

    photoname&h=275&w=575&zc=1″ alt=””/>

    I’ve pasted just a direct image location into the src and ensured that the script does in fact work. It just seems to be something about it not agreeing with my php code (I’ve tried the url_encode method as well). I would really appreciate any help you could provide on this issue. Thanks!

  15. Seeing the same bloody issue as everyone apparently and there’s no fix in sight and the debugging messages make no sense whatsoever. Perms are all fine, everything was working 100% before the last upgrade to fix the massive hack I underwent and this is what I see in my error message:

    [Mon Oct 31 01:02:37 2011] [error] [client 127.0.0.1] TimThumb Debug line 1076 [0.000327 : 0.000198] Doc root is: /path/to/domain
    Found file as /path/to/domain/wp-content/uploads/2009/11/ComfortInn1.jpg
    [Mon Oct 31 01:02:37 2011] [error] [client 127.0.0.1] TimThumb Debug line 1076 [0.001643 : 0.000392]: Security block: The file specified occurs outside the document root.

    You gotta throw us a bone here, nothing’s working and no one knows why!

  16. Hi,
    I have been told by my hosting company that my timthumb.php file is causing a high CPU load on their web server.
    Do you know what might be causing this?
    I am running v2.8.

    Many thanks for your software

    1. It’s because it’s a virtual url. The directory ~cathedra does not exist on the server so the script can not find the image

  17. Hi Ben,

    I’ve been trying to update the timthumb script on a client’s site and after I upload the file, the images stop displaying.

    I’ve been through all the steps above – made sure permissions are correct, GD library is installed, and been in touch with the webhost – but so far nothing has worked.

    Right clicking on an image and choosing ‘view image’ gives me this error code:
    “A TimThumb error has occured
    The following error(s) occured:

    Could not get a lock for writing.”

    Do you have any advice?

    Thanks,
    Fiona

    1. could not get a lock for writing means some sort of directory permissions issue on the cache directory so make sure your php script can write to the cache directory.

      1. I was having this issue on a server and spun my wheels for hours. After setting 777 permissions on the cache folder to no avail, I ended up changing the cache directory to the system default. Change his line in timthumb.php:

        if(! defined('FILE_CACHE_DIRECTORY') ) define ('FILE_CACHE_DIRECTORY', './cache');

        To:

        if(! defined('FILE_CACHE_DIRECTORY') ) define ('FILE_CACHE_DIRECTORY', '');

        Essentially removing the directory specified (“./cache”) to use the system’s default cache directory.

        This fixed the issue for me. I hope it helps anyone else struggling with 400 Bad Request and the “Could not get a lock for writing.” error messages. Please note if you use a timthumb-config.php companion file you’d change the attribute in here.

  18. Haven’t seen this posted on here, but I’ve been having a terrible time getting TimThumb to work on a new site. Hostgator – (a great hosting company) evidently has to “whitelist” TimThumb in order for it to work on a domain hosted there. This has still not resolved the issue for us. But if you are on HostGator and just installed a new wp theme, they have to enable it for each domain. Or at least that’s what I’ve been told.

    1. Hi – this is a known issue. I am not sure why they keep on blocking it as lots of people have asked them about this problem.

  19. Hello! My slider images are producing the following errors :

    Warning: realpath() [function.realpath]: open_basedir restriction in effect. File(/usr/local/apache/htdocs) is not within the allowed path(s): (/home/:/usr/lib/php:/tmp) in /home/a5824105/public_html/wp-content/themes/tarnished-theme/tarnished/lib/scripts/timthumb.php on line 821

    I am using the latest and greatest timthumb file but have tried many others based on suggestions. I have the timthumb file set up with 777 permissions. Any ideas on what causes this error?

    I am using 000webhost.com as a host. Argh!

    Thank you for any specifics you can provide!
    Morgan

  20. Hey Ben

    Great work with both updating this recently and answering people’s questions who find their way here.

    I updated to 2.8.2 recently and all thumbnails seem to give the same error as others – Could not find the internal image you specified.

    One example of a now broken thumbnail is here – the image is there but any parameters such as h=, w= etc and calling the image via the thumb.php doesn’t work 🙁

  21. Hi,

    I have a problem with the thumbs on my site. I´m not quite sure if this is related to timthumb, but I guess someone here can point me in the right direction.

    The thumbs load, but not all of them always. Sometimes it loads the thumbs and then they disappear during loading the rest. I have tried with different nuber of thumbs and it dosen´t seem to matter.

    I use a theme called Motionpicture by Obox.

    Cheers,
    Ernst

    1. Not sure if it’s related either but I would make sure you’re using the latest version of TimThumb as there was an issue a while ago that may be related.

  22. Hi!

    I really need your help here. I have a site that’s currently being hosted on a windows server and have had timthumb working on my own linux based server prior to launching this site.

    http://www.urbanrevival.ca/index.php/portfolio/

    The images here exist on the server but I can’t seem to get timthumb script to work. I have set up the proper permissions for cache and temp folders and they are all within the same directory as timthumb.php

    This is the working copy of the exact page:

    http://pixelwhisperer.net/clients/arodman/portfolio

    Any feedback is much, much appreciated

    Thanks!

  23. Hi Ben,

    I have an intermittent problem. When I open my site, quite often the TimThumb images appear to be broken. If I refresh the page then the very same images which showed as broken earlier load. Here is the site http://ipadsadvisor.com.
    I have tried this on different computer systems and different OS and even different internet connections

    Please help

    1. I am afraid I don’t know what that is. I can only assume there is an issue with the speed of the server/ the number of connections or php processes needing to be upgraded. Unfortunately that’s a wild guess – I’ve not seen this happening otherwise. I would always suggest upgrading the script to the latest version though.

  24. I’am on a local ‘wamp’ server and the requested img won’t show up.
    The error-message states that it can’t find the internal image.
    GD2 extension is enabled, permissions can’t be an issue and the url parameters to the file are correct.

    C:\wamp\www\tt

    cache
    temp
    index.php
    timthumb.php
    dummy.jpg

    Where do I go wrong?

    1. you no longer need the temp directory but that won’t affect this. I would recommend updating your script. There were a couple of changes about 2 days ago that may have resolved the problem you’re seeing.

  25. I have the latest version installed (2.8.4) and have this issue I can’t seem to solve when error images or 404 images are suppose to be shown.

    I have am error image set in the config but get the same error:

    Warning: getimagesize() [function.getimagesize]: URL file-access is disabled in the server configuration in /nfs/c03/h04/mnt/50940/domains/dougberger.net/html/wp-content/themes/dougTooldv/scripts/timthumb.php on line 1190

    Warning: getimagesize(http://www.dougberger.net/wp-content/uploads/2011/08/dougsviews.jpg) [function.getimagesize]: failed to open stream: no suitable wrapper could be found in /nfs/c03/h04/mnt/50940/domains/dougberger.net/html/wp-content/themes/dougTooldv/scripts/timthumb.php on line 1190

    Warning: getimagesize(/wp-content/uploads/2011/08/dougsviews.jpg) [function.getimagesize]: failed to open stream: No such file or directory in /nfs/c03/h04/mnt/50940/domains/dougberger.net/html/wp-content/themes/dougTooldv/scripts/timthumb.php on line 1190

    Warning: Cannot modify header information – headers already sent by (output started at /nfs/c03/h04/mnt/50940/domains/dougberger.net/html/wp-content/themes/dougTooldv/scripts/timthumb.php:1190) in /nfs/c03/h04/mnt/50940/domains/dougberger.net/html/wp-content/themes/dougTooldv/scripts/timthumb.php on line 419
    A TimThumb error has occured
    The following error(s) occured:

    An error occured fetching image.
    Additionally, the 404 image that is configured could not be found or there was an error serving it.
    Additionally, the error image that is configured could not be found or there was an error serving it.

    Query String : src=https://punditkitchen.wordpress.com/files/2008/09/political-pictures-barack-obama-chill-out-got-this.jpg&w=100&h=100
    TimThumb version : 2.8.4

    The settings from the config file is:

    if(! defined(‘NOT_FOUND_IMAGE’) ) define (‘NOT_FOUND_IMAGE’, ‘http://www.dougberger.net/wp-content/uploads/2011/08/dougsviews.jpg’); // Image to serve if any 404 occurs
    if(! defined(‘ERROR_IMAGE’) ) define (‘ERROR_IMAGE’, ‘/wp-content/uploads/2011/08/dougsviews.jpg’); // Image to serve if an error occurs instead of showing error message

    I’ve used full urls and relative and get the same error. The default image is fine it shows if I out the src url in the browser and all other operations of the script works fine – external images show up fine.

    Any suggestions to fix this?

  26. Did anyone mention that timthumb is causing a high cpu load and throttling the server? I have several websites that was using timthumb and now I have remove timthumb completely as suggested by our hosting company.

    One website using timthumb which has just 30 visitors, has much higher cpu usage than another website (doesn’t use timthumb) which has 200 visitors

    I would like to have timthumb on my websites but couldn’t find any remedy to the problem

  27. hi ben,,.
    i get problem with the thumnail post.,
    Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/usr/local/apache/htdocs/wp-content/uploads/2011/12/Untitled-1.jpg) is not within the allowed path(s): (/home/:/usr/lib/php:/tmp) in /home/u761038559/public_html/wp-content/themes/Xanadu/timthumb.php on line 845

    Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/usr/local/apache/htdocs/www/wp-content/uploads/2011/12/Untitled-1.jpg) is not within the allowed path(s): (/home/:/usr/lib/php:/tmp) in /home/u761038559/public_html/wp-content/themes/Xanadu/timthumb.php on line 880

    Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/usr/local/apache/htdocs/www/go-neri.16mb.com/wp-content/uploads/2011/12/Untitled-1.jpg) is not within the allowed path(s): (/home/:/usr/lib/php:/tmp) in /home/u761038559/public_html/wp-content/themes/Xanadu/timthumb.php on line 880

    A TimThumb error has occured

    The following error(s) occured:
    Could not find the internal image you specified.

    Query String : src=http://go-neri.16mb.com/wp-content/uploads/2011/12/Untitled-1.jpg&h=250&w=510&zc=1
    TimThumb version : 2.8.4
    cache = 777
    directories ‘above’ the timthumb.php file are set to a normal level of permissions

    i hope you can help me.,.
    thanks before

  28. i’m having trouble updating my images.
    I rename each image according to username.
    So for example, my image is tamara.jpg.
    When I upload a new image, it will be renamed tamara.jpg again and should overwrite the old one. However, if I set on the cache for both server and browser, the new upload is not displayed correctly, unless I make a hard refresh to the browser.
    Without cache, the page load slow. How do I keep cache, but also to update the file with the new one and still keeping the same image file name?
    Is there a function to specifically destroy the old cache before saving the new image ?

  29. Pingback: Installing the Theme « Ecommercesystems Wiki Site
  30. I am trying to use TimThumb in an application called SliderPro.

    But the images are coming up as broken no matter what I do.

    If you look at
    http://207.58.152.123/~comp4cam/wp-content/plugins/slider-pro/includes/timthumb/timthumb.php?q=100&w=43&h=43&a=cc&src=http://207.58.152.123/~comp4cam/wp-content/uploads/tobi.jpg

    You’ll probably seen an error that looks like:
    500 Internal Server Error
    The request was not completed. The server met an unexpected condition.

    when I try to go to the above link.

    The permissions on the folders, even at 777 and the files at 644 just won’t work.

    I’d greatly appreciate any insight to this problem. I’m using also using v2.8.5 if that is important.

    Thanks,
    Gary

  31. Hi Ben,

    Looks like Timthumb generates a bad source for my thumbnails’ image tags. Specifically, I’m getting a lot of extraneous directories before the wp-content, as seen below:

    /var/www/clients/client1/web2/web//wp-content/uploads/2012/01/The-Artist-Poster-32496_140x140.gif

    Any idea on how to prevent this? The image appears as soon as I delete everything before /wp-content.

    1. Hi William – TimThumb doesn’t generate the file path – it only resizes the images that are given to it. That path you have given is created by the theme you are using so you will have to go back to Elegant Themes and have them fix the issue for you. In addition the theme should not be displaying the full file path like that as it could be a security risk.

  32. Addendum to my previous comment:

    I’ve permitted all of the necessary folders. Furthermore, I’m using Timthumb as part of the theme, MyApp, coded by Elegant Themes.

    Please let me know if you need any additional information.

  33. A few more suggestions for your troubleshooting tips list, based on my own experience. These may sound like really dumb mistakes to make, but anything is possible late at night when you’re very short on sleep…

    1. Make sure you know where timthumb.php is in relation to the page you’re calling it on – and if it’s not in the same directory, include the path. For example, if you’ve uploaded the script to /includes on your site, but the page you’re calling it from is somewhere else, you need to alter the code in the examples to use /includes/timthumb.php, not just timthumb.php.

    2. Similarly: know where your image is. When in doubt, reference it by its full path, i.e. /images/cats/lovelycat.jpg or whatever the case may be.

    3. If you create a timthumb-config.php file, don’t just copy the applicable configuration lines from the script that you want into it and leave it at that – remember to include the opening and closing php tags at the beginning and end of the file.

    4. Be sure you actually named it timthumb-config.php and not timthumb_config.php.

    (For bonus screwup points, try accidentally creating config files under both of those names, making all your changes to the one with the wrong name, leaving off the php tags on the one with the correct name, and then wondering why on earth nothing is working. Preferably after having earlier made both of the path errors above, and also forgotten to create a cache folder. I really do need to look into getting more sleep…)

  34. Hello. I’ve upgraded to 2.8.5 from 1.35 but now the images/thumbs do not show and there are no errors. When I downgrade (simple replace) the 2.8.5 script with the 1.35 script. Everything is fine. I’ve checked folder permissions and the other hints on this page. Anything else to check?

    I’m not using it within WordPress if that makes a difference.

    Thanks.

  35. Hi there!
    I hope anyone can help me, I’m having a trouble making TimThumb work in my wordpress theme, the images I upload are not showing, I already changed permissions and put temp and cache in the same folder as thumbnail.php, and updated the version as well, but still coulnd’t solve it, this is my webpage: http://mipisoenvillaverde.es/
    And as you can see the Images below are not showing, they put the title instead, when you right click it says this:
    —————————
    A TimThumb error has occured
    The following error(s) occured:

    Could not find the internal image you specified.

    Query String : src=http://mipisoenvillaverde.es/wp-content/uploads/2012/01/lacasa.jpg&w=390&h=260&zc=1&q=95
    TimThumb version : 2.8.5
    ————————————

    Maybe it is a stupid mistake… but I’m spending lots of hours and I’m not finding the way to solve it T_T… If anyone could help me it would be sooo great. Thank you so much for your time.

  36. Hi! I’ve been trying to troubleshoot timthumb, changing permissions settings, etc. but I still can’t figure out where I’m going wrong. I think what’s happening is that every time the browser is not using its cached images, the script is re-creating the images instead of using the server cached ones.

    If I clear my browser’s cache and then load a page with thumbnails, my shared host’s memory usage jumps to the 512MB maximum and in the timthumb cache folder, I see new timthumb.txt files created when there are already previously existing ones. I’ve only got 12 images, each under 50kb and less than 500x500px, but there are currently 21 timthumb.txt files in the cache folder. I have my timthumb.php set to 644, /scripts set to 755, and /scripts/cache set to 777 (I tried 755 and got the same results).

    Have you run into this before? Do you have any idea what could be causing the huge memory usage and the cache files not being used?

  37. Hello, I have a website where I use the same image from Media Library in multiple posts. Using TimThumb I can only get the image from the first post where it was attached. How can this be resolved?

  38. I’ve just upgraded timthumb to 2.8.5 and I thought I’d start from scratch, given the new parameters timthumb offered with cropping and filters.

    So I deleted my entire cache folder (2495 images) to start from scratch. I uploaded the new temp folder and gave both empty cache/temp folders permission of 755 (tried 777 – didn’t work). Uploaded timthumb 2.8.5 into the same parent folder as cache/temp.

    Refreshed my page and nothing. No thumbnails appear.

    Troubledshooted myself by removing timthumb code from the template file and just defined width and height on the image URL and my thumbnails appear.

    Went back to timthumb code, doubled checked both cache/temp have the right permissions, and changed it to 777 – no thumbnails.

    This is what I’m using inside a basic SRC URL:
    js/timthumb.php?src={IMG_SRC}&w=360&a=c

    I’ve been using timthumb for a couple of years, so I know the php script and folders are in the right place.

    A little help, pls.

  39. Hi,

    Im still having problems with some thumbnails not appearing on my wordpress theme.
    I have checked with host GD lib, 5PHP, chmod correctly, updated timthumb etc.
    Is there anything elese I can do??? I need to launch soon and wondering to ditch the whole project and use something without timthumb.

    To view.. pass view admin view.

    If anyone has any more ideas it would be very much appreciated!

  40. Hi Ben,

    Please add to point number 5, “index.html” inside “cache” directory should have permission at least 666.
    This is as per your latest TimThumb 2.8.5.

    Really nice script though!

    Cheers,
    Eric

  41. Hi Ben,

    I see 403 Forbidden error, when I right click on image and click on View image/

    Can you please tell me what is causing it? I have given all the permission as it is specified above and the problem still persist. It is not displaying images at all.

    Here is the URL for the website I am working on:

    http://114.141.201.183/~joolie/

    If you can please tell me what is the issue, it will be really helpful.

    Thanks in advance for your help.

    Arpita

  42. Below is the error I see in my error log:

    [Wed Feb 08 11:19:20 2012] [crit] [client 60.242.195.35] (13)Permission denied: /home/joolie/public_html/wp-content/themes/fotofolio/scripts/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable, referer: http://114.141.201.183/~joolie/wp-content/themes/fotofolio/scripts/timthumb.php?src=http://114.141.201.183/~joolie/wp-content/uploads/2012/02/Across-the-Universe-1-w.jpg&w=480&h=275&zc=1

    1. Now I know what is preventing it. It’s not allowing because in our WHM, we have mod_security module installed which thinks that it is “PHP Injection attempt in URI”. so it prevents it to display images. can anyone tell me how to allow url passing in the url for only one website from cpanel/whm?

      The error in mod_security plugin says:

      Access denied with code 403 (phase 2). Pattern match “(?:ogg|gopher|zlib|(?:ht|f)tps?)\:/” at ARGS:src. [file “/usr/local/apache/conf/modsec_rules/10_asl_rules.conf”] [line “199”] [id “340026”] [rev “19”] [msg “PHP Injection attempt in URI”] [severity “CRITICAL”]

      Thanks,
      Arpita

  43. Hi,

    I have tried to fix this issue for a couple of weeks now – I am trying to set up a WordPress account on a free hosting site [this might already be the problem]. I have tried 2 free hosting solutions and nothing worked. Each time, the timthumb.php is giving me a 400 Bad request error on the servers. Works fine in localhost, with XAMP, and it doesn’t work on-line.

    You said that if you take a look it takes ~60 secs to know what’s wrong with my site. If this is true, could you help?

    I have the main WP site here, http://www.rususorinvick.eu5.org, and I have tried to follow the demo that you provide (getting started with timthumb) here:
    http://www.rususorinvick.eu5.org/test/index.html

    All the folders and files have 777 on my site (I know it’s risky, but since it isn’t online yet, I can take the risk), and the script is updated. The PHP scripts are updated, just copied the Google PHP code a couple of minutes ago, and the Server has GD support, version 2, enabled.

    Does anyone have an idea of the nature of the problem I am facing?
    Thank you very, very much!

    1. The scripts should not have 777 permissions. The only thing that should have permissions set to 777 is the cache directory – everything else should be default.

      1. Hey Ben,

        Thanks for replying so quickly. In my second link, the test folder, http://www.rususorinvick.eu5.org/test/index.html, everything is left ot default, and only the cache folder is 777. And I still get the same types of errors, the 400 Bad request.

        I am starting to think this is a server issue, since on localhost it works without a problem. And with free accounts the only answer I got from their support was pay up and we will help.

        That’s why I was hoping somebody else knows why I’m getting the Bad request errors. What server configuration I am missing.

      2. you’ve set the url to use your ftp info, which is something TimThumb has not been developed to do. I suspect that’s the reason it’s not working properly.

  44. Hello Sir Ben,

    I have poured over forums and tips on how to possibly solve my problem, but unfortunately couldn’t resolve it until now. So now I am left with no other recourse but to ask it here.

    I had been using timthumb for almost 3 years now at one of my site (shopeightdaysaweek.com) and had no problems ever since. Recently, I had to update my wordpress (from v3 to v3.3) and I think that’s when it all started.

    Thumbnails are still being generated, but other random thumbnails are not displaying at all. Sometimes, those that are not displaying will be displayed, sometimes, all will be displayed, and in other times, most thumbnails will not be displayed at all.

    I have followed every tips you have posted on this page but to no avail. I have also installed the latest timthumb.php from google. Here is the latest entry from my error.log, which I found recurring.

    [20-Feb-2012 12:55:10] PHP Warning: filemtime() [function.filemtime]: stat failed for cache/f4e9f4da7fbcc42567ac2ca4a98e125b.jpg in /home/shopei/public_html/wp-content/themes/mainsite/timthumb.php on line 372

    I am not a coder, but I can get my hands dirty with it. I would appreciate any help you would give me.

    Sincerely,
    om

    1. If the filemtime stat failed then it probably means the file couldn’t be found or accessed for some reason. You say it’s working for some images so it must be an issue specific to the images that don’t work.

  45. Hi there,

    I am having trouble with a dynamic image, its php and is serving the image/jpeg content type.

    TimThumb says it is not a valid image. If I include the dynamic image in a page, it works, or if I go to it in a browser directly it works. Any ideas of how I can correct this? I have used the urlencode as suggested.

    Thanks,

    Ben

    1. I am not sure resizing a php generated image will work. If the image you are generating is created with PHP why can’t you just resize that image in the php and not use Timthumb at all?

      1. I have a similar question — I’m trying to dynamically resize an image made from an image gallery (that’s corporate-mandated, so I can’t change it) which spits out its img srcs as .php files with a crazy long query to identify the individual image.

        Is it all possible to run timthumb.php over a php-extensioned image? Every time I try it and view the image URL, it just takes me right back to timthumb.php.

      2. Replying to my own question – I found the easiest workaround was to grab the .php image, save it with createimagefromjpeg() and then use that image.

  46. You say:
    “For TimThumb to work properly you need to have 2 cache directories. One called cache and one called temp. ”
    But where should these be located? Part of the Easyphp install? Part of the wordpress install?
    Thanks!

    1. You only need 1 cache directory now – it should be called cache and be in the same folder as the timthumb script (as mentioned in the following question :)).

  47. Hi guys,

    May be you know what can help with the below:

    I use timthumb. It displays thumbnails correctly.
    But one day my website was attacked and one of security advises was to disallow an access to timthumb in .htaccess file.

    The advice is to have the following code in .htaccess:

    Deny from all

    As a result of that thumbnails does not appear.

    If I remove timthumb from .htaccess all thumbnails appear.

    Is it possible to keep “deny from all” and get timthumb working?
    (I don’t want to clean my my web site because of a similar hacker attack any more :))

    Thanks heaps for any ideas.

  48. Sorry, in my message above instead of “Deny from all” it should read (I inserted empty spaces so it appears here):

    Deny from all

  49. Ah, the code does not insert :)))
    Ok, the last try, I removed some symbols, hopefully it gives an idea what I’m talking about:

    in .htaccess:

    FilesMatch ( timthumb . php )
    Deny from all
    FilesMatch

  50. I am getting consistent problems with what I believe to be timthumb on many different types of gallery plugins. The plugin developers/my hosting company have been unable to help me so far and I am at wit’s end.

    This is the page in question. http://www.calicocreative.co.uk/work I have changed permissons etc exactly as stated but to no avail.

  51. Hi Ben,

    I have been having an issue where none of the images will display.

    I have gone through all the steps stated above and I am still having problems. I am running version 2.8.10 please check the site and have a look.

    new.durhammontessori.com

    I go directly to the path for an image I get the error that timthumb can’t find the image however if I use the path it trying on its own it works just fine.

    As I said above all is has been tried. Permissions, Check GD is installed and still nothing.

    Please help as this an urgent matter.

    Thanks!!!

  52. I’m hosting on windows IIS and have tried everything. Permissions are not a problem as I have the entire directory Full Access to Everyone.

    The images are in the right place.

    Many posts point to an issue with slashes on Windows vs.Linus. Does 2.8.10 address this issue?

    Thanks

    /Eric

    1. Sounds like permissions could be the problem. The only directory with 777 permissions should be the cache directory. Nothing else (including files). I’m not aware of any problems with slashes on Windows but I don’t have a windows server to test on.

  53. Hi Ben,

    I am having problems with timthumb showing thumbnails on our site.
    We are using Kernel Theme from Orange themes.

    after I click on the image and choose View Image, I get this error message:
    The image “http://blog.xyz.sk/wp-content/themes/kernel-theme/timthumb.php?src=http://blog.xyz.sk/wp-content/uploads/2012/03/pic05.jpg&w=210&h=150&zc=1&q=100” cannot be displayed, because it contains errors

    In the FireBug console I am getting this error:
    Image corrupt or truncated: http://blog.vetpoint.sk/wp-content/themes/kernel-theme/timthumb.php?src=/wp-content/uploads/2012/03/pic05.jpg&w=70&h=70&zc=1&q=100

    The thing is, that I got this errors only on the server, not on my local machine. on localhost everything is fine.

    I tried all the steps you mentioned above (Cache Directory Permissions, File Permissions, server requirements,image formats) and all is good and checked.

    do you have any idea what I am doing wrong? or where should be the problem?

    thanks a lot
    Tom

  54. Hi I am having issues with the timthumb script, like most users it does not find the path to my images even though they exist. Please advise as it has taken me weeks to try trouble shoot and noone has the right answer. The host has GD enabled and do not block timthumb. I have tried changing the directory permissions to 777 and 755 and the script dir permissions are 777 as required. site = http://www.southern-export.com

    1. You can see the error when you view it. It’s a directory permissions issue. Not a TimThumb problem I’m afraid.

  55. What an incredible script! A massive contribution and an equal thank you.

    Unfortunately, I believe there is a bug in version 2.8.10 which produces a Network Error 400 Bad Request on images.

    I haven’t been able to resolve this and I feel I have done a thorough job on crossing all the T’s and dotting the I’s, based on tips here at BinaryMoon as well as the many resources out on the ‘Net.

    In short, images are never loaded. On the front-end, all src attributes in the image tags are empty. Here is what the error on the back-end looks like:

    NetworkError: 400 Bad Request – http://www.domain.com/x/x/wp-admin/timthumb.php?src=undefined&w=100&h=50&zc=1

    Any insight would be greatly appreciated!

    – GD Image Library Installed
    – PHP 5.2.17
    – Cache folder in same directory as timthumb.php
    – Have tried 777/775 on cache
    – Have tried 644,755,775,777 on parent directories, even though you do not recommend it on your Help/Tips above
    – timthumb.php is set to 644, although I have tested with 755, 775, 777
    – Have set to debug true level 3

    Error Log:

    [Fri May 04 14:42:11 2012] [error] [client 1.1.1.1] TimThumb Debug line 1132 [0.002670 : 0.000187]: Could not find the local image: , referer: http://www.domain.com/x/x/wp-admin/admin.php?page=slider-manager
    [Fri May 04 14:42:11 2012] [error] [client 1.1.1.1] TimThumb Debug line 1132 [0.002699 : 0.000026]: Adding error message: Could not find the internal image you specified., referer: http://www.domain.com/x/x/wp-admin/admin.php?page=slider-manager

    But these errors are expected as the image is never allocated to the cache folder. No issues uploading to the uploads directory. The variated resized images appear just fine and they are accessible by direct URL entry in the browser.

    This is the only wildcard I can see but do not know how to repair it:

    timthumb.php?src=undefined

  56. Hi Ben,

    For some reason, the thumbnails are not coming out as the whole image, the thumbnail is just a small portion of it (which does not look good). Can you give me an idea of what to do to fix it?

    Thank you!

    Dave

    1. Hi Luca – I am afraid it’s not possible, no. Forcing jpg would remove transparency from the images

  57. Can you help me figure out what is going on with thumbnails on my site?

    The site is http://bradamfg.com/dev/ — the gallery is here: http://bradamfg.com/dev/gallery/

    A TimThumb error has occured
    The following error(s) occured:

    Could not find the internal image you specified.

    Query String : src=http://bradamfg.com/dev/wp-content/uploads/2012/05/IMG_0038.jpg&w=248&h=148&zc=1&q=90
    TimThumb version : 2.8.10

    The file specified is not being created, and this is also not the cache folder. Do I just need to fix a path issue or something in the timthumb.php? Or maybe in the wp admin?

    Thanks.

  58. Hello,
    I need some of your amazing 60 second expertise on Wine World & Spirits
    I have made sure that I have the latest version of the script and I have a cache directory, with 777 permissions right next to the timthumb.php file which contains files.
    However, Hostgator has blocked our account twice for using >75% of the CPU and they say timthumb is the culprit. Today 5 IP addresses had 16 requests open for /timthumb.php?src=http:

    Please advise because I am going nuts with the problem. Thank you in advance

  59. Sometimes it happens that some images do not show. I can`t use cache.
    Do I need to set a some variable or parameter in script.
    Here is my site oglasi-auto.rs.
    Thanks !!!

  60. I’ve used timthumb successfully in many projects but today I’ve put a site live and I have a strange issue – the thumbs load sometimes and not other times. Refresh the page, some thumbs load, some don’t. Refresh again and some different thumbs load and some different ones don’t. I’ve been googling for info but not found anything about this particlar bizarre behaviour.

    I suspect that the problem is actually NOT with timthumb but I wonder if anyone has encountered this issue before?

    The dev version of the site is fine, but the live version, hosted on 123reg.co.uk server (not my choice, the client’s) is misbehaving.

    I’m using the very latest version of timthumb and the fact that it works fine on one server and not another leads me to think it’s a server issue. If it wasn’t working at all I would have a better chance of debugging it but because it seems to work randomly, this has me really confused! The cache folder has lots of images in! Oh… I wonder if it’s a disc space issue! … will go and look at that now!

    1. Hi there – I am afraid I haven’t seen this before so am not sure what the issue could be 🙁 Would be interested to hear if you can work out a solution though!

    2. Hi Flemming/Ben

      I am having exactly the same issue with a theme being hosted on 123-reg.co.uk.

      Did you get to the bottom of it and if so can you tell what your solution was! I have a horrible feeling it is going to involve moving my client’s host 🙁

      Thanks

      1. Hi Chris,

        the problem (in my case anyway)was a php memory issue (not enough memory to even get the cached thumbs!) and the only way to resolve it was to change host!

        123reg said that upgrading to a vps would solve the issue but that seemed like total overkill for the problem! Hope that helps!

  61. Hello Ben,

    Right now we moved from one server to another and the site is working fine expect the slideshow does not display on some IE browsers. Any idea on how to fix this?

    Thank You!!!

  62. Thumbnails don’t load at main page, but images are showed at post pages. Trying open the thumbnails images in a new tab, the following error message appears:

    —————-
    A TimThumb error has occured

    The following error(s) occured:
    Could not find the internal image you specified.

    Query String : src=http://dicagames.com.br/wp-content/uploads/2012/07/CapaPacman.jpg&w=200&h=200&zc=1&a=c
    TimThumb version : 2.8.10
    —————–

    Tried to change permissions, put cache folder with timthumb, nothing worked.
    (Using WPZoom Morning Theme).

  63. I want to stop receiving comments from this thread. Your unsubscribe link doesn’t work – it takes you to a page that does not offer the option to unsubscribe. Please remove me.

    Thank you!

  64. Hi,
    I am trying to configure TT on my website but I can’t make it work on “internal dinamic images”… I want to resize this image:

    http://diego.gonzocalcio.it/img/gusLayer/?t=magliab&i=M1:FF0000;M3_12:FF0000;M2_12:FFCC00;P1:FFFFFF;P2_2:FF0000;M:000000;P:000000 (dinamically generated)

    I can’t make it work using TT:

    http://diego.gonzocalcio.it/lib/timthumb/timthumb.php/?w=63&h=63&src=http%253A%252F%252Fdiego.gonzocalcio.it%252Fimg%252FgusLayer%252F%253Ft%253Dmagliab%2526i%253DM1%253AFF0000%253BM3_12%253AFF0000%253BM2_12%253AFFCC00%253BP1%253AFFFFFF%253BP2_2%253AFF0000%253BM%253A000000%253BP%253A000000 (urlencoded full url of the previous images)

    Please note that TT works fine with every other image on the website…

    Hope you can help,
    best regards
    DV

  65. Hey Ben!

    Can you help me.

    I use timthumb.php on localhost, run fine but when php upload to the server unusable.

    Can you guide me how to proceed. thanks a lot

    1. Hi – you will need to talk to the people who made your theme. The issues are with how the theme was set up and nothing to do with TimThumb.

  66. I can’t seem to use images over 1000px in my portfolio for timthumb to create a thumb. I’ve increased the memory_limit to no avail.
    Is there any other settings i can make to php.ini or anywhere that will let me use large images between 1000-2000px?

    1. You may need to tweak some of the constants in the TimThumb file itself. Have you tried that? There’s a memory limit settings, and some settings to do with maximum sizes.

  67. I have nearly 20 websites on wordpress all of them were using timthumb.php. Over the last three months my ISP has shut down three of the websites because of CPU overload caused by timthumb.php. Since then I have changed the templates to display wordpresses’s default thumbnail (150X150 pixel) image.

    1. sorry to hear you’ve had problems with TimThumb. I too use the standard thumbnails wherever possible as static images will always be quicker. Make sure you’re running the latest version of TimThumb as it has a lot of speed improvements over the old version.

  68. Hello,

    We have used the excellent timthumb plugin for a year now without problems on our school newspaper. Last week our host moved the site to another server (without warning) and since the reduced pictures on our frontpage have disappeared. On the error log we get the message: [19-Sep-2012 15:56:13 UTC] PHP Deprecated: Function eregi() is deprecated in /home/(…)/wp-content/themes/arthemia/scripts/timthumb.php on line 224.

    How can this be solved? We searched for many hours to no avail.

    Thanks for helping us out!
    H. Pelissier

    1. It sounds like PHP has been upgraded. You should make sure you have updated TimThumb to the latest version as this fixes all the deprecated issues.

  69. I’ve been having issues troubleshooting TimThumb on my website. When I have the /temp/ and /cache/ folders set for 755 I get a permissions error — when I set them to 777 the script hangs up, continually loading and doesn’t give me any error messages, which is making it difficult for me to troubleshoot. When those folders are at 755 the images will show as broken image icons — when I use 777 it doesn’t show the icons.

    If I try loading the TimThumb.php script by itself I get a “No image specified” error. If I try opening the image on it’s own I can access it.

    My website is currently a test site on an external IP and I’m poisoning my host file to see it on it’s future domain name — would this affect the way TimThumb works, or is it likely a server issue?

    I’m running TimThumb 2.8.10 and PHP 5.2.6. The GD package is installed & enabled. Any other things I could test? I had TimThumb functioning correctly on my MAMP server and then a staging website, but since I’ve moved it over to the production website I can’t seem to get it to work. It’s especially difficult as it’s not giving me any error messages.

    Thanks!
    Lindsay

  70. I really need some help here. My images won’t display and I’ve tried everything. I changed the permissions to 777 for timthumbs.php and cache and the includes folder but that didn’t help at all.

    Any help would be greatly appreciated.

  71. HostGator suspended me cuz of TimThumb scripts saying its causing high CPU load and ordered me to enable caching for this script to reduce the load
    is there any recommendations to reduce the load ?
    note:im on shared hosting plan

  72. Hi Ben,
    I am a really a novice when it comes to websites but I have had to rebuild mine after it was hacked. I am using a theme I purchased from themeforest and I am using the plugin ajaxgrid which uses the timthumb php file. I have made sure that the cache file has permission 777, but when I try to use the plugin I am finding that the timthumb file isn’t resizing the image and says it isn’t a valid image. The plugin uses the featured image, so what I have tried doing is using a specific link to an image in my content/uploads folder and it still wont resize. The author of the plugin has been very helpful, but he believes it will be a timthumb issue and there is a very high likelyhood it is something I am not doing. I am using a completely fresh install of wordpress 3.4.2 and the wpajax grid is the only plugin I have installed.
    So if I want an image to be resized, do I have to physically enter in the image in the php file? or is it done automatically?
    Like I said I am very very green, so please be gentle! 😉

    Regards

    James

  73. hi,

    i tested some wordpress plugins (advanced recent posts widget and super recent posts) based on timthumb but none of them are working correctly! When using absolute path in url i get an 403:

    http://www.graustufe.at/wp-content/plugins/advanced-recent-posts-widget/timthumb/thumb.php?src=http://www.graustufe.at/wp-content/uploads/20090301_klimtvilla.jpg&h=100&w=250&z=0

    when using the relative url, it works like a charm:

    http://www.graustufe.at/wp-content/plugins/advanced-recent-posts-widget/timthumb/thumb.php?src=/wp-content/uploads/20090301_klimtvilla.jpg&h=100&w=250&z=0

    timthumb folder is 777 (tried 755, 700, 711), cache is 777 as well, index.html in cache is 666, thumb.php is 755, i also added the address graustufe.at to the allowed sites array, to no avail! what’s wrong with my setup?

    greetings
    alexander

  74. For everyone with the “open_basedir restriction in effect” problem
    Here’s the solution that worked for me.

    Create a config file called timthumb-config.php in the same directory as your timthumb.php (That directory worked for me. It may need to be in another directory for your installation)
    Enter the following string in the file
    define(‘LOCAL_FILE_BASE_DIRECTORY’, ‘your_home_directory’);
    your_home_directory should be the home directory part from the error message.

    For instance, in MORGAN’s message, above, you can see
    /home/a5824105/public_html/wp-content/themes/tarnished-theme/tarnished/lib/scripts/timthumb.php
    The ‘your_home_directory’ would be /home/a5824105/public_html/

    That solved it for me.

  75. I´m having a similar issue to people on here. I think my problems go back to updating to wordpress 3,4,2- since then all the images on my portfolio page visualoriginal.com/portfolio are hanging, and my site is overloaded for 5 mins making it impossible to look at any other pages. Does anyone know what the best solution is?

  76. Problem with slider

    A TimThumb error has occured
    The following error(s) occured:

    Could not find the internal image you specified.

    Query String : src=http://beppewp.altervista.org/wp-content/uploads/2012/11/divergal-slidesample266.jpg&h=345&w=960&zc=1
    TimThumb version : 2.8.10

  77. Hi, I have a WordPress website hosted locally on my machine for a development instance. The theme uses TimThumb for image processing. The ‘Featured Image’ in a post, does not work on localhost and it does not show me the thumbnails. It just shows me a link to the image. However it works perfectly fine on my live website. Could you please help me fix this?

Leave a Reply

Your email address will not be published. Required fields are marked *