Information Security
lacoste13, 2015-05-18 21:13:05

How to deal with sql injection?

I scanned a Joomla site with Madscan. The logs show something like this:

site.ru/index.php?option=com_content&task=blogcategory&id=60&Itemid=99999+UNION+SELECT+1,concat(0x1e,username,0x3a,password,0x1e,0x3a,usertype,0x1e),3,4,5+FROM+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--

The problem started when the hosting provider sent an email about excessive CPU usage. The site is small, basically a business card with a catalog and the K2 plugin installed.
New users, and content posted by them, started appearing in the database in huge numbers. Malicious code was found in the site's files; everything was cleaned up and nothing new appears, but the load is still very high: on average 350 requests per hour to index.php.
Please tell me what can be done?
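What the logged URL does to a query that is built by string concatenation, and the parameterized form that stops it, as an added example that is not part of this thread and not Joomla's own code. The jos_content/jos_users tables, the article-listing query and the password values are constructed for the demo, and the MySQL payload is rewritten in SQLite syntax (concat() and 0x literals have no direct SQLite equivalent):

```python
"""Added example (not Joomla's code): why the logged UNION SELECT works
against a query built by string concatenation, and why a parameterized
query is immune. Runs on an in-memory SQLite database with constructed
jos_content/jos_users tables."""
import re
import sqlite3

# The injected part of the logged Itemid parameter, verbatim from the question.
MYSQL_PAYLOAD = (
    "99999+UNION+SELECT+1,concat(0x1e,username,0x3a,password,0x1e,0x3a,"
    "usertype,0x1e),3,4,5+FROM+jos_users+where+"
    "usertype=0x53757065722041646d696e6973747261746f72--"
)

# Same payload rewritten for SQLite (constructed adaptation): MySQL's
# concat() becomes ||, and the 0x.. string literals become char()/quoted text.
SQLITE_PAYLOAD = (
    "99999 UNION SELECT 1, char(30) || username || ':' || password || char(30)"
    " || ':' || usertype || char(30), 3, 4, 5"
    " FROM jos_users WHERE usertype = 'Super Administrator'--"
)


def decode_hex_literals(sql):
    """Turn MySQL 0x.. literals into readable strings so the intent of the
    payload is obvious: 0x1e/0x3a are record separators, the long one is
    the usertype being targeted."""
    return re.sub(
        r"0x([0-9a-fA-F]+)",
        lambda m: repr(bytes.fromhex(m.group(1)).decode("latin-1")),
        sql,
    )


def build_db():
    """Constructed tables with the column names the payload relies on."""
    con = sqlite3.connect(":memory:")
    con.executescript(
        """
        CREATE TABLE jos_content(id INTEGER, title TEXT, introtext TEXT,
                                 catid INTEGER, menu_id INTEGER);
        CREATE TABLE jos_users(id INTEGER, username TEXT, password TEXT,
                               usertype TEXT);
        INSERT INTO jos_content VALUES (1, 'Price list', '<p>...</p>', 60, 99);
        -- password column holds made-up 'hash:salt' placeholders
        INSERT INTO jos_users VALUES (62, 'admin', 'deadbeef:salt', 'Super Administrator');
        INSERT INTO jos_users VALUES (63, 'editor', 'cafebabe:salt', 'Editor');
        """
    )
    return con


def list_articles_vulnerable(con, cat_id, item_id):
    """Stand-in for the bug class behind the logged request (hypothetical,
    not Joomla's real query): request parameters pasted into the SQL text.
    Five selected columns, which is why the attacker's UNION SELECT
    carries exactly five values."""
    sql = (
        "SELECT id, title, introtext, catid, menu_id FROM jos_content "
        "WHERE catid = %s AND menu_id = %s" % (cat_id, item_id)
    )
    return con.execute(sql).fetchall()


def list_articles_safe(con, cat_id, item_id):
    """Hardened version: validate the type, then bind as a parameter so the
    value is data to the SQL engine and can never be parsed as SQL."""
    cat_id, item_id = int(cat_id), int(item_id)  # raises ValueError on the payload
    sql = (
        "SELECT id, title, introtext, catid, menu_id FROM jos_content "
        "WHERE catid = ? AND menu_id = ?"
    )
    return con.execute(sql, (cat_id, item_id)).fetchall()


if __name__ == "__main__":
    print(decode_hex_literals(MYSQL_PAYLOAD))
    con = build_db()
    for row in list_articles_vulnerable(con, "60", SQLITE_PAYLOAD):
        print("leaked via UNION:", row[1])
    try:
        list_articles_safe(con, "60", SQLITE_PAYLOAD)
    except ValueError as e:
        print("rejected:", e)
```

The vulnerable function returns the admin's username, password hash and usertype in the title column, which is exactly what the logged request was after; the safe function rejects the same input before it reaches the database. htmlspecialchars() would not have changed this outcome, since the payload contains nothing it escapes.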


2 answers

sim3x, 2015-05-18

Add a file called .htaccess to the root of the site, next to index.php:

RewriteEngine on
# The original rule put the keyword pattern in RewriteRule, which is matched
# against the URL path only, so ?Itemid=...UNION+SELECT... never hit it.
# Match the query string instead, then redirect as intended.
RewriteCond %{QUERY_STRING} (union|select|concat) [NC]
RewriteRule ^ http://google.com/ [R=301,L]

or, if the file already exists, add the two lines after its RewriteEngine on.

The load is trifling; you can't even call it a load. On shared hosting there is no proper way to get rid of such clients: they won't let you at nginx. So all that is left is to wait until it all "passes by itself".
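The check sim3x's rule is aiming at, run over access-log lines, as an added example that is not part of the answer: it URL-decodes the query string before matching, separates SQL structure from a bare keyword hit, and counts index.php requests per hour (the figure the question quotes). The log lines are constructed from the question's URL plus an encoded variant, a harmless search and a normal page view:

```python
"""Added example (not from the thread): the keyword check from the
.htaccess answer applied to access-log lines after URL-decoding, a tighter
structural check beside it, and index.php hits per hour. Log lines are
constructed."""
import re
from collections import Counter
from urllib.parse import unquote_plus, urlsplit

# Constructed Apache combined-log lines: the payload from the question,
# a percent-encoded variant of it, a harmless search, and a normal page view.
SAMPLE_LOG = [
    '1.2.3.4 - - [18/May/2015:21:13:05 +0300] "GET /index.php?option=com_content'
    '&task=blogcategory&id=60&Itemid=99999+UNION+SELECT+1,concat(0x1e,username,'
    '0x3a,password,0x1e,0x3a,usertype,0x1e),3,4,5+FROM+jos_users+where+usertype='
    '0x53757065722041646d696e6973747261746f72-- HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '1.2.3.4 - - [18/May/2015:21:13:09 +0300] "GET /index.php?option=com_content'
    '&task=blogcategory&id=60&Itemid=99999+%55NION+%53ELECT+1,2,3,4,5+FROM+jos_users--'
    ' HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '5.6.7.8 - - [18/May/2015:21:20:41 +0300] "GET /index.php?option=com_search'
    '&searchword=select+committee HTTP/1.1" 200 3000 "-" "Mozilla/5.0"',
    '5.6.7.8 - - [18/May/2015:22:01:00 +0300] "GET /index.php?option=com_content'
    '&view=category&id=60&Itemid=99 HTTP/1.1" 200 4000 "-" "Mozilla/5.0"',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# The bare keyword list from the .htaccess answer.
NAIVE_RE = re.compile(r"union|select|concat", re.I)
# Require SQL structure, not just an English word that happens to be a keyword.
SQLI_RE = re.compile(
    r"\bunion\b[\s/*+]+(?:all[\s/*+]+)?select\b"  # UNION [ALL] SELECT
    r"|\bselect\b.+?\bfrom\b\s+\w"                 # SELECT ... FROM table
    r"|\bconcat\s*\(",                             # concat(
    re.I | re.S,
)


def parse_line(line):
    """Split one combined-log line into ip, hour bucket, path and decoded query."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    return {
        "ip": m.group("ip"),
        "hour": m.group("ts")[:14],          # '18/May/2015:21'
        "path": parts.path,
        "query": unquote_plus(parts.query),  # %55NION -> UNION, '+' -> space
    }


def scan(lines):
    """Return (flagged, naive_only, per_hour): requests whose decoded query
    has SQL structure, requests only the bare keyword rule would catch,
    and index.php hits per hour."""
    flagged, naive_only, per_hour = [], [], Counter()
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["path"].endswith("/index.php"):
            per_hour[rec["hour"]] += 1
        if SQLI_RE.search(rec["query"]):
            flagged.append(rec)
        elif NAIVE_RE.search(rec["query"]):
            naive_only.append(rec)
    return flagged, naive_only, per_hour


if __name__ == "__main__":
    flagged, naive_only, per_hour = scan(SAMPLE_LOG)
    for rec in flagged:
        print("SQLi:", rec["ip"], rec["hour"], rec["query"][:60])
    for rec in naive_only:
        print("keyword-only hit (likely false positive):", rec["query"])
    for hour, n in sorted(per_hour.items()):
        print(hour, n, "requests to index.php")
```

Two things this shows that the bare rule does not: the encoded variant only matches after decoding, and mod_rewrite's %{QUERY_STRING} is handed to RewriteCond in its raw, still percent-encoded form, so a keyword rule there is bypassed by %55NION; and a search for "select committee" trips the keyword list while having no SQL structure at all. The per-hour counter is what to run over the real log to see whether the 350 requests come from a handful of addresses, which would make blocking by IP the more useful control.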

Coderast, 2015-05-19

Yes, filter the input data from the user, throwing out any unnecessary garbage. htmlspecialchars, google it.
