Can the marks in the review put the page down?

S

stifler112020-02-29 23:25:05

WordPress

stifler11, 2020-02-29 23:25:05

I am the owner of a Wordpress site. Site with reviews: people can post reviews, after moderation by the contributor, the reviews are published.

On one of the pages of the site with reviews, a review was posted yesterday, today the contest worker OKnul the review. And after the page did not work (an internal wordpress error was written, or not internal, but "something was a Wordpress error"). That the page lay down I noticed by chance tonight. Because Only one page did not work, I immediately thought that it was a matter of reviews. And deleted the last review. And then immediately the page started working.

I didn't save my review. But I read it briefly before deleting it, there was some kind of smiley or a sign with the use of brackets "<" or ".>" and other characters. Could it put the site down? Is it possible to protect yourself from this?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

N

nokimaro, 2020-02-29
@stifler11

Is that possible. Especially if the reviews are implemented by a third-party plugin, which may contain errors.
To defend yourself, you need to study the problem. That is, find a problematic review (wait for a repetition), and look at the server error logs to understand what exactly this review breaks in the system.
Proceeding from this, already make a filter that will not let such "malicious" reviews pass, or a filter that will neutralize them.

S

Sergey Goryachev, 2020-03-01
@SergeGoryachev

Offhand, it looks like the recall was either MySQL injection, or js code, or characters that dropped json_decode.
You have to look at what exactly was there.