PEAK XOOPS - Help: Protector Check Results

Top > XOOPS Modules > Protector (Previous topic|Next topic)

Help: Protector Check Results

You cannot open a new topic into this forum
Guests cannot post into this forum

Tree order Newer is upper

Help: Protector Check Results

msg# 1

Previous post - Next post | Parent - Children.1 | Posted on 2005/1/20 5:46

tripmon

Posts: 14

Could you please advise what this means, where I can go for additional information, or what I should do to correct the items below.

This is the result of " Security Advisory" link in Protector.
--------------------------------------------
Check if Protector works well

Contaminations:
http://myxoopssite.com/?xoopsConfig[nocommon]=1

Isolated Comments:
http://myxoopssite.com/?cid=%2Cpassword+%2F%2A
-------------------------------------------

This is in xoops ver 2.0.9.2 with protector ver. 2.22.

Thanks,
Tripmon

Votes:0 Average:0.00

Re: Help: Protector Check Results

msg# 1.1

Previous post - Next post | Parent - Children.1 .2 | Posted on 2005/1/20 6:02

GIJOE

Posts: 4110

This is just a checker.
Don't mind about it if you need not.

Votes:0 Average:0.00

Re: Help: Protector Check Results

msg# 1.1.1

Previous post - Next post | Parent - Children.1 | Posted on 2005/1/20 7:09

tripmon

Posts: 14

Thank you GIJOE;

Great Work on everything!

Votes:0 Average:0.00

Re: Help: Protector Check Results

msg# 1.1.1.1

Previous post - Next post | Parent - Children.1 | Posted on 2005/5/22 2:20

sglink

From: Singapore Posts: 2

well, if this is ok, then why it come out ?
maybe the developer should remove it ?

Votes:0 Average:0.00

Re: Help: Protector Check Results

msg# 1.1.1.1.1

Previous post - Next post | Parent - Children.1 | Posted on 2005/5/25 5:57

GIJOE

Posts: 4110

hi sglink.

I can't understand what you mean.
These codes work usable checkers against some attack patterns.

Votes:0 Average:0.00

Re: Help: Protector Check Results

msg# 1.1.1.1.1.1

Previous post - Next post | Parent - Children.1 | Posted on 2005/5/27 2:16

sglink

From: Singapore Posts: 2

are they problems ? If not , why was it shown ?

Contaminations:
http://myxoopssite.com/?xoopsConfig[nocommon]=1

Isolated Comments:
http://myxoopssite.com/?cid=%2Cpassword+%2F%2A
-------------------------------------------

Votes:0 Average:0.00

Re: Help: Protector Check Results

msg# 1.1.1.1.1.1.1

Previous post - Next post | Parent - Children.1 | Posted on 2005/5/27 5:18

GIJOE

Posts: 4110

Have you read this thread?

This is a sample code for attacking.
Protector checks some patterns like attacks.

Votes:0 Average:0.00

Re: Help: Protector Check Results

msg# 1.1.1.1.1.1.1.1

Previous post - Next post | Parent - Children.1 | Posted on 2005/8/5 22:56

FireHorse

Posts: 8

I used the links to test and it works fine, when I log back in I try to delete the log abd get this error

Turn your REFERER on

can you explain plz

Votes:0 Average:0.00

Re: Help: Protector Check Results

msg# 1.1.1.1.1.1.1.1.1

Previous post - Next post | Parent - No child | Posted on 2005/8/6 5:40

GIJOE

Posts: 4110

Quote:

Turn your REFERER on

As you see.
Your HTTP_REFERER is blocked by Norton etc.
It's quite FAQ.

Votes:0 Average:0.00

Re: Help: Protector Check Results

msg# 1.1.2

Previous post - Next post | Parent - Children.1 | Posted on 2005/8/16 0:18

ThDane

Posts: 5

After trying these 2:

Contaminations:
http://myxoopssite.com/?xoopsConfig[nocommon]=1

Isolated Comments:
http://myxoopssite.com/?cid=%2Cpassword+%2F%2A

I got two log tekst's about those "test attack's"
when I mark and push remove all I get is a white page
telling me "Turn your REFERER on" what is that and how do I turn it on,
I did read the thread but did'nt find any solution to it

Im using xoop's 2.21 + Protector 2.50b2.
I have my server on the same machine I managed it from

How do I delete the log's in protector?

btw. I've just installed the new xoops2.21 and this protector, the old version of xoops and protector did never give me this problem.

Votes:0 Average:0.00

Re: Help: Protector Check Results

msg# 1.1.2.1

Previous post - Next post | Parent - Children.1 | Posted on 2005/8/16 6:23

GIJOE

Posts: 4110

hi ThDane.
Quote:

I got two log tekst's about those "test attack's"
when I mark and push remove all I get is a white page
telling me "Turn your REFERER on" what is that and how do I turn it on,
I did read the thread but did'nt find any solution to it

Im using xoop's 2.21 + Protector 2.50b2.
I have my server on the same machine I managed it from

How do I delete the log's in protector?

btw. I've just installed the new xoops2.21 and this protector, the old version of xoops and protector did never give me this problem.

It sounds strange.
I've just checked core 2.2 and Protector, and it works fine if REFERER is turned on.

If you turn REFERER off by Norton or etc. , almost operation of XOOPS will not work well.

For checking, try to use the other browser.

Votes:0 Average:0.00

Re: Help: Protector Check Results

msg# 1.1.2.1.1

Previous post - Next post | Parent - Children.1 | Posted on 2005/8/16 7:12

ThDane

Posts: 5

Hi!

I'm not using Norton, and same fault with IE and Maxthon browser.

What is this REFERER and what does it do?

I did not have that problem with earlier versions of xoops and protector.

Votes:0 Average:0.00

Re: Help: Protector Check Results

msg# 1.1.2.1.1.1

Previous post - Next post | Parent - Children.1 | Posted on 2005/8/20 5:40

GIJOE

Posts: 4110

Though I don't see the true reason, you can try this.

line 16 in admin/index.php

	// Checking Referer deeply against CSRF
	if( strpos( $_SERVER['HTTP_REFERER'] , XOOPS_URL.'/modules/protector/admin/' ) !== 0 ) {
//		die( "Turn your REFERER on" ) ;
	}

Votes:0 Average:0.00

Re: Help: Protector Check Results

msg# 1.1.2.1.1.1.1

Previous post - Next post | Parent - No child | Posted on 2005/8/20 22:01

ThDane

Posts: 5

Thanx, that made the difference, now it work's as it used to

btw. thanx for the great work on the modules.

Votes:8 Average:0.00

Tree order Newer is upper

Lost Password?

Register now!