Arrow Home arrow Forums
larger font smaller font default font Fixed screen resolution Auto adjust screen size

Joomlapolis Forums  


Boardwalk :: Forum List Important Content Community Builder Article Discussions
<< Start < Prev 11 12 13 Next > End >>
Re:Security Release - CB 1.0.1 - RELEASED!
Date: 2006/08/26 08:52 By: plavanie Status: User  
Karma: 0  
Fresh Joomlapolitan

Posts: 9
graphgraph
I found a partial answer to this question - I put php.ini file to the root folder of my site to apply register_globals=off settings, but it did not affect all other directories.

Now I have to ask 1and1 how to apply changes to all the directories.

Is there any other way to prevent these attacks with register_globals=on?
Sincerely,
www.Plavanie.com
info@Plavanie.com
Click here to see the profile of this user The administrator has disabled public write access.

Re:Security Release - CB 1.0.1 - RELEASED!
Date: 2006/08/27 23:11 By: beat Status: Admin  
Karma: 256  
Admin

Posts: 4215
graphgraph
plavanie wrote:
Please help urgently.

I found this string in access log:

xxxxxx

I changed some information with xxxxxxxx to prevent another attack based on this post.

Please let me know what changes need to be done to prevent hacker attacks like this.

ADMIN EDIT: Changed more with xxxxx to avoid giving hacker-info on this site.<br><br>Post edited by: beat, at: 2006/08/27 23:09

Community Builder 1.0.1 is safe against this attack, whatever your php settings are.

However, we strongly recommend the settings given in our homepage for other components and generally.
Beat - Developer on Community Builder core Team
- If you like CB and this forum, you will love Nick's CB 1.2 RC4 reference manual ! : Click here to Get it now
- Would like to help us move faster ? Get it, and/or help us spend more time coding by helping others in this forum, many thanks
Click here to see the profile of this user The administrator has disabled public write access.

Re:Security Release - CB 1.0.1 - RELEASED!
Date: 2006/09/18 19:51 By: averan Status: User  
Karma: -1  
Fresh Joomlapolitan

Posts: 24
graphgraph
upgraded manually, also using Araxis so as to preserve all my custom code.....all seems fine with the small exception that now all empty custom fields are shown with "array" as the value!

this only happens for new users registering and does not affect existing users retroactively.

anyone know how to correct this?
Click here to see the profile of this user The administrator has disabled public write access.

<< Start < Prev 11 12 13 Next > End >>
Boardwalk :: Forum List Important Content Community Builder Article Discussions

Joomlaboard Forum Component 1.1.3 Stable
Two Shoes M-Factory

Documentation

Documentation Subscription Service
(updated for CB 1.2 RC4)

What?

Why?

Where?

Just click here for answers!

Click here for a yearly subscription: subscribe now

Download Latest Release

The latest stable Community Builder Release is version 1.1 for Joomla 1.0 and Mambo.
You need to be a registered member of Joomlapolis to download.

The latest release candidate of Community Builder is version 1.2 RC4, native for Joomla 1.0, 1.5 and Mambo.
It is available as "thank you" to all CB documentation subscribers and now also to all registered joomlapolitans.

CB Login