Security Release - CB 1.0.1 - RELEASED!

17 years 8 months ago #19636 by plavanie
Replied by plavanie on topic Re:Security Release - CB 1.0.1 - RELEASED!
I found a partial answer to this question: I put a php.ini file in the root folder of my site to apply the register_globals=off setting, but it did not affect all the other directories.

Now I have to ask 1and1 how to apply changes to all the directories.

Is there any other way to prevent these attacks with register_globals=on?

Sincerely,
www.Plavanie.com
info@Plavanie.com


17 years 8 months ago #19717 by beat
plavanie wrote:

Please help urgently.

I found this string in access log:

xxxxxx

I changed some information with xxxxxxxx to prevent another attack based on this post.

Please let me know what changes need to be done to prevent hacker attacks like this.

ADMIN EDIT: Changed more with xxxxx to avoid giving hacker-info on this site.

Post edited by: beat, at: 2006/08/27 23:09


Community Builder 1.0.1 is safe against this attack, whatever your php settings are.

However, we strongly recommend the settings given on our homepage, both for other components and in general.

Beat - Community Builder Team Member


17 years 7 months ago #21118 by averan
Replied by averan on topic Re:Security Release - CB 1.0.1 - RELEASED!
Upgraded manually, also using Araxis so as to preserve all my custom code... All seems fine, with the small exception that now all empty custom fields are shown with "array" as the value!

This only happens for new users registering and does not affect existing users retroactively.

Anyone know how to correct this?
