Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.4.x
Author Message
Kilim
Hangin' Around


Joined: Nov 02, 2004
Posts: 26

PostPosted: Sun Feb 12, 2006 3:40 pm Reply with quote

I have been contacted by a few users in my website that are somehow getting blocked due to a supposed script attack to my site.
I think it is due by viewing a page in my Map Manager module page.
Map Manager was made by NukeCoder at Only registered users can see links on this board! Get registered or login!

Below is an example of the block query:
Quote:
User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Query String: Only registered users can see links on this board! Get registered or login!
Get String: Only registered users can see links on this board! Get registered or login!
Post String: Only registered users can see links on this board! Get registered or login!


I did notice that most blocked users are being blocked via this 1 weblink.
So I renamed the map file into the following: Only registered users can see links on this board! Get registered or login!
(Pretty much just removed the parenthesis in the map description.)

I guess someone is direct linking to the old link ( Only registered users can see links on this board! Get registered or login! )somewhere and having anonymous users getting blocked.

Any idea why this is causing a script attack according to Sentinel?
I think its the parenthesis but not fully sure.
Or maybe direct linking to the old link that is no longer there AND the parenthesis in the link.
Like I said, I am not sure, just an idea.

Please help Laughing
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17077

PostPosted: Sun Feb 12, 2006 4:15 pm Reply with quote

Get rid of the parentheses in the title. It's been documented several times.
 
View user's profile Send private message
Kilim
PostPosted: Sun Feb 12, 2006 5:53 pm Reply with quote

Thanks.
I musta missed it sorry
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ v2.4.x

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©