security attack was stopped!

I keep getting these e-mails named: http://www.mysite.com/ -  security attack was stopped!

Total impact: 32
Affected tags: xss, csrf, id, rfe

Variable: REQUEST.constructor | Value: [object Object]
Impact: 4 | Tags: xss, csrf, id, rfe
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20

Variable: REQUEST.toString | Value: [object Object]
Impact: 4 | Tags: xss, csrf, id, rfe
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20

Variable: REQUEST.toLocaleString | Value: [object Object]
Impact: 4 | Tags: xss, csrf, id, rfe
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20

Variable: REQUEST.valueOf | Value: [object Object]
Impact: 4 | Tags: xss, csrf, id, rfe
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20

Variable: GET.constructor | Value: [object Object]
Impact: 4 | Tags: xss, csrf, id, rfe
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20

Variable: GET.toString | Value: [object Object]
Impact: 4 | Tags: xss, csrf, id, rfe
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20

Variable: GET.toLocaleString | Value: [object Object]
Impact: 4 | Tags: xss, csrf, id, rfe
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20

Variable: GET.valueOf | Value: [object Object]
Impact: 4 | Tags: xss, csrf, id, rfe
Description: Detects JavaScript language constructs | Tags: xss, csrf, id, rfe | ID: 20

REMOTE_ADDR: 209.183.51.17
HTTP_X_FORWARDED_FOR:
HTTP_CLIENT_IP:
SCRIPT_FILENAME: /home/mysite/public_html/flash/XML.php
QUERY_STRING: module=im&action=updateInvite&recipient=53&_t=1262133463024&constructor=%5Bobject+Object%5D&toString=%5Bobject+Object%5D&toLocaleString=%5Bobject+Object%5D&valueOf=%5Bobject+Object%5D&hasOwnProperty=false&isPrototypeOf=false&propertyIsEnumerable=false&__defineGetter__=undefined&__defineSetter__=undefined
REQUEST_URI: /flash/XML.php?module=im&action=updateInvite&recipient=53&_t=1262133463024&constructor=%5Bobject+Object%5D&toString=%5Bobject+Object%5D&toLocaleString=%5Bobject+Object%5D&valueOf=%5Bobject+Object%5D&hasOwnProperty=false&isPrototypeOf=false&propertyIsEnumerable=false&__defineGetter__=undefined&__defineSetter__=undefined
QUERY_STRING: module=im&action=updateInvite&recipient=53&_t=1262133463024&constructor=%5Bobject+Object%5D&toString=%5Bobject+Object%5D&toLocaleString=%5Bobject+Object%5D&valueOf=%5Bobject+Object%5D&hasOwnProperty=false&isPrototypeOf=false&propertyIsEnumerable=false&__defineGetter__=undefined&__defineSetter__=undefined
SCRIPT_NAME: /flash/XML.php
PHP_SELF: /flash/XML.php

Quote · 30 Dec 2009

Depending what was in the email, this is a PHPIDS feature in D7. It is to stop spammers from your site. IF you are doing something legitimate that is causing these errors, you can do one of the following:

Bump the total impact levels higher that 32

Disable PHPIDS all together by setting them to -1

You can find these settings in Admin Panel>Settings>Advanced Settings>Other

Be cautious if you decided to disable.

Chris

Nothing to see here
Quote · 30 Dec 2009

Thanks... I set it to 34.. see how that goes.

Quote · 30 Dec 2009
 
 
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.