msg# 1
Could you please advise what this means, where I can go for additional information, or what I should do to correct the items below.
This is the result of " Security Advisory" link in Protector.
--------------------------------------------
Check if Protector works well
Contaminations:
http://myxoopssite.com/?xoopsConfig[nocommon]=1Isolated Comments:
http://myxoopssite.com/?cid=%2Cpassword+%2F%2A-------------------------------------------
This is in xoops ver 2.0.9.2 with protector ver. 2.22.
Thanks,
Tripmon
Votes:0
Average:0.00
msg# 1.1
This is just a checker.
Don't mind about it if you need not.
Votes:0
Average:0.00
msg# 1.1.1
Thank you GIJOE;
Great Work on everything!
Votes:0
Average:0.00
msg# 1.1.1.1
sglink
From: Singapore
Posts: 2
well, if this is ok, then why it come out ?
maybe the developer should remove it ?
Votes:0
Average:0.00
msg# 1.1.1.1.1
hi sglink.
I can't understand what you mean.
These codes work usable checkers against some attack patterns.
Votes:0
Average:0.00
msg# 1.1.1.1.1.1
sglink
From: Singapore
Posts: 2
are they problems ? If not , why was it shown ?
Contaminations:
http://myxoopssite.com/?xoopsConfig[nocommon]=1Isolated Comments:
http://myxoopssite.com/?cid=%2Cpassword+%2F%2A-------------------------------------------
Votes:0
Average:0.00
msg# 1.1.1.1.1.1.1
Have you read this thread?
This is a sample code for attacking.
Protector checks some patterns like attacks.
Votes:0
Average:0.00
msg# 1.1.1.1.1.1.1.1
I used the links to test and it works fine, when I log back in I try to delete the log abd get this error
Turn your REFERER on
can you explain plz
Votes:0
Average:0.00
msg# 1.1.1.1.1.1.1.1.1
Quote:
As you see.
Your HTTP_REFERER is blocked by Norton etc.
It's quite FAQ.
Votes:0
Average:0.00
msg# 1.1.2
After trying these 2:
Contaminations:
http://myxoopssite.com/?xoopsConfig[nocommon]=1Isolated Comments:
http://myxoopssite.com/?cid=%2Cpassword+%2F%2AI got two log tekst's about those "test attack's"
when I mark and push remove all I get is a white page
telling me "Turn your REFERER on" what is that and how do I turn it on,
I did read the thread but did'nt find any solution to it
Im using xoop's 2.21 + Protector 2.50b2.
I have my server on the same machine I managed it from
How do I delete the log's in protector?
btw. I've just installed the new xoops2.21 and this protector, the old version of xoops and protector did never give me this problem.
Votes:0
Average:0.00
msg# 1.1.2.1
hi ThDane.
Quote:
I got two log tekst's about those "test attack's"
when I mark and push remove all I get is a white page
telling me "Turn your REFERER on" what is that and how do I turn it on,
I did read the thread but did'nt find any solution to it
Im using xoop's 2.21 + Protector 2.50b2.
I have my server on the same machine I managed it from
How do I delete the log's in protector?
btw. I've just installed the new xoops2.21 and this protector, the old version of xoops and protector did never give me this problem.
It sounds strange.
I've just checked core 2.2 and Protector, and it works fine if REFERER is turned on.
If you turn REFERER off by Norton or etc. , almost operation of XOOPS will not work well.
For checking, try to use the other browser.
Votes:0
Average:0.00
msg# 1.1.2.1.1
Hi!
I'm not using Norton, and same fault with IE and Maxthon browser.
What is this REFERER and what does it do?
I did not have that problem with earlier versions of xoops and protector.
Votes:0
Average:0.00
msg# 1.1.2.1.1.1
Though I don't see the true reason, you can try this.
line 16 in admin/index.php
// Checking Referer deeply against CSRF
if( strpos( $_SERVER['HTTP_REFERER'] , XOOPS_URL.'/modules/protector/admin/' ) !== 0 ) {
// die( "Turn your REFERER on" ) ;
}
Votes:0
Average:0.00
msg# 1.1.2.1.1.1.1
Thanx, that made the difference, now it work's as it used to
btw. thanx for the great work on the modules.
Votes:8
Average:0.00