Security attack stoped

Reply·Subscribe
Eli
EliAdvanced
870 posts
0
 

Hi,

Today i handed my template to be sorted out by the developers and when back home and checked my email i found this for the first time : Do i have to worry ? or it may be just developers working on my template ?

Thanks for your help

Total impact: 5<br/> Affected tags: Command Execution, id<br/> <br/> Variable: GET.bubbles | Value: AddContent:NaN,Mail:0,Friends:0,Shopping Cart:0,Spy:0,<br/> Impact: 5 | Tags: Command Execution, id<br/> Description: Detects remote code exectuion tests. Will match "ping -n 3 localhost" and "ping localhost -n 3" | Tags: Command Execution, id | ID: 74<br/> <br/> REMOTE_ADDR: xx.x.xxx.114 HTTP_X_FORWARDED_FOR: HTTP_CLIENT_IP: SCRIPT_FILENAME: /home/xxxx/xxxxx/member_menu_queries.php QUERY_STRING: action=get_bubbles_values&bubbles=AddContent%3ANaN%2CMail%3A0%2CFriends%3A0%2CShopping+Cart%3A0%2CSpy%3A0%2C&_r=0.11338517483469779 REQUEST_URI: /member_menu_queries.php?action=get_bubbles_values&bubbles=AddContent%3ANaN%2CMail%3A0%2CFriends%3A0%2CShopping+Cart%3A0%2CSpy%3A0%2C&_r=0.11338517483469779 QUERY_STRING: action=get_bubbles_values&bubbles=AddContent%3ANaN%2CMail%3A0%2CFriends%3A0%2CShopping+Cart%3A0%2CSpy%3A0%2C&_r=0.11338517483469779 SCRIPT_NAME: /member_menu_queries.php PHP_SELF: /member_menu_queries.php
Proud Hosted by Zarconia.net
Quote · 30 Mar 2015
Nathan Paton
Nathan PatonUndefined
9604 posts
0
 

Not really. Make sure both threshold options under Admin Panel => Settings => Advanced Settings => Security are set to -1. This is from PHPIDS, a security feature that's horribly broken in Dolphin. Best left disabled.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
Quote · 31 Mar 2015
Eli
EliAdvanced
870 posts
0
 

Thanks both are set to -1

Proud Hosted by Zarconia.net
Quote · 31 Mar 2015
deano92964
deano92964Premium
10772 posts
0
 

 

Thanks both are set to -1

 
Were they already set to -1. or did you have to change them to -1?

Reason i ask is because if they were already at -1 and you still got that message then it's malfunctioning and you may have to do something else.

https://www.deanbassett.com
Quote · 31 Mar 2015
Eli
EliAdvanced
870 posts
0
 

They were already set to -1 and this is the first time i got that message since installed dolphin pro 7.1.5 ! And i got it on the day the developers commencing working on my template.

Thanks

Proud Hosted by Zarconia.net
Quote · 31 Mar 2015
geek_girl
geek_girlPremium
11493 posts
0
 

Mine are set to -1 and once in a blue moon I will get a security attack message.  I just ignore the messages.  Haven't gotten any in a long time.

Geeks, making the world a better place
Quote · 31 Mar 2015
Nathan Paton
Nathan PatonUndefined
9604 posts
0
 

 

They were already set to -1 and this is the first time i got that message since installed dolphin pro 7.1.5 ! And i got it on the day the developers commencing working on my template.

Thanks

See this thread by Deano: http://www.boonex.com/forums/topic/Remove-PHPIDS.htm

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
Quote · 31 Mar 2015
Eli
EliAdvanced
870 posts
0
 

Thanks for your help, if it does happen again then i will follow deanos instructions ...

Proud Hosted by Zarconia.net
Quote · 31 Mar 2015
Reply ›
 
 
Home
Features
Pricing
Hosting
Support
About
StartDemo
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.

Blogs

Dolphin.Pro News
BoonEx News
Our Journey
Social Software World
Community Voice

Help

Support Forums
Documentation
BoonEx at GitHub
Knowledge Base
Contact Support Team

Product

Dolphin.Pro Features
Live Demo & Sandbox
Download Packages
Pricing & Order
Contact Sales Team

Company

Contact Us
About BoonEx
Privacy Policy
Terms & Conditions
© BoonEx Pty Ltd