Possible Attack Fix .. All-In-One Download

Zarcon posted 19th of November 2009 in Community Voice. 9 comments.

First I would like to thank AlexT for working with us to create a fix for the "pestering" Possible Attack errors we have been getting. There were several change sets that you had to download and overwrite files in order to put the fix into place.

I decided to simplify this process by creating 1 zip file that contained all the updated files that you can just upload and not have to worry about going through 6-7 different change sets.The zip file contains all of the change sets known to fix this issue.

Please read the READMEFIRST file completely BEFORE you attempt to put this patch into place. I have tested this myself on my server and verified that it does work.

Your comments and feedback are more than welcome. Also, Boonex, if you would like to download and verify the contents, you are more than welcome to. I hope this resolves any issues you are having with Possible Attacks.

You can find the fix here: PossibleAttackFix.zip

Sincerely,

Chris

 
Comments
·Oldest
·Top
Please login to post a comment.
mauricecano
mauricecano19th of November 2009
 
Thanks Zarcon, I know I missed one of the fixes and when I got it put in most of my PA issues were resolved.
PermalinkReplyPlus0 pluses
houstonlively
houstonlively19th of November 2009
 
Have you considered, that modifying the database structure, may cause problems when running the RC1 to RC2 upgrade script, when it's available?

I'd feel better about doing this, if it were an official Boonex patch that is taken into consideration when running the RC1 - RC2 upgrade script.
PermalinkReplyPlus0 pluses
mauricecano
mauricecano19th of November 2009
 
The changes listed by alex require the modification of the database and adding the two new rows.
PermalinkReplyPlus0 pluses
Zarcon
Zarcon19th of November 2009
 
Yes HL, I have actually. The only modification to the database is 2 additional INSERTS into the 'sys_options' table that allows the admin to set the security impact levels. This would allow the admin to do something such as add a simple HTML block with valid HTML code and not get a Possible Attack error page or 1,000 emails per minute, as well as other things.

The rest are just updated php files. Since AlexT provided the fix, I would hope that he also took it into consideration. I just decided see more to package it all into 1 download instead of going through 6-7 change sets and editing the same php file 3 or 4 times. I would not think that these 2 inserts would restrict the upgrade from RC1 to RC2, however I could be wrong.
PermalinkReplyPlus0 pluses
patrick81
patrick8119th of November 2009
 
houstonlively,

yes i'm worried about that too. I don't mind waiting til rc2 comes out but will they make a patch for updating from rc2 to final too? :-/
PermalinkReplyPlus0 pluses
Eli
Eli20th of November 2009
 
Honneslty guy's i cant get away from that possible attack when i add the facebook widget , am just worried in case i have members in the nearest future will not enjoy my site because of this PA.
PermalinkReplyPlus0 pluses
TRACKER
TRACKER26th of November 2009
 
your file is corupted. I can not open it.
PermalinkReplyPlus0 pluses
okatanani
okatanani6th of February 2010
 
I am no able to open the file too
PermalinkReplyPlus0 pluses
mike24078
mike240784th of April 2010
 
Hey Dude i tried to download the zip file it took me to mediafire and said it was not available . Can u tell me where i can get this to stop the attack emails i get 8 to 19,000 emails a day from a potential attack
PermalinkReplyPlus0 pluses
 
 
Home
Features
Pricing
Hosting
Support
About
StartDemo
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.

Blogs

Dolphin.Pro News
BoonEx News
Our Journey
Social Software World
Community Voice

Help

Support Forums
Documentation
BoonEx at GitHub
Custom Jobs
Contact Support Team

Product

Dolphin.Pro Features
Live Demo & Sandbox
Download Packages
Pricing & Order
Contact Sales Team

Company

Contact Us
About BoonEx
Privacy Policy
Terms & Conditions
© BoonEx Pty Ltd
SSL
© BoonEx
Home
Features
Pricing
Support
Hosting
About
Demo
PET:0.052375078201294