Re: Major Security Hole (solution with Welcome)

This WebDNA talk-list message is from

1998


It keeps the original formatting.
numero = 18835
interpreted = N
texte = >Or ask Andreas Pardeike if you can set up his Welcome Plugin to check the >special URL. Could work if you run WebStar and no additional multi-domain >software. >http://welcome.comcon.de >email: pardeike@comcon.deThis is old information. Use these instead, both are redirected to the most current addresses:http://www.kagi.com/pardeike/ pardeike@bigfoot.comBTW: Welcome CAN be used with other virtual hosting software (e.g. the VH plugin of WebSTAR). You can even MIX multihoming and Welcomes virtual hosting or just use Welcome's Rule feature.The fix for the Major Security Hole is to use that Rule:Rule Major Security Hole fix ------------------------------ Path: *::$DATA* Condition: Rule Result: NEVER_TOUCH_THIS Mode: Authorization ------------------------------That's it. It will simply block ANY url, that contains ::$DATA------------------------------------------------------- Andreas Pardeike, Reference Interactive Arb +46-8-406 60 54 http://www.reference.se Hem +46-8-580 38780 http://welcome.digitalfarmers.com Associated Messages, from the most recent to the oldest:

    
  1. Re: Major Security Hole (solution with Welcome) (Andreas Pardeike 1998)
  2. Re: Major Security Hole (solution with Welcome) (Peter Ostry 1998)
  3. Re: Major Security Hole (solution with Welcome) (Andreas Pardeike 1998)
>Or ask Andreas Pardeike if you can set up his Welcome Plugin to check the >special URL. Could work if you run WebStar and no additional multi-domain >software. >http://welcome.comcon.de >email: pardeike@comcon.deThis is old information. Use these instead, both are redirected to the most current addresses:http://www.kagi.com/pardeike/ pardeike@bigfoot.comBTW: Welcome CAN be used with other virtual hosting software (e.g. the VH plugin of WebSTAR). You can even MIX multihoming and Welcomes virtual hosting or just use Welcome's Rule feature.The fix for the Major Security Hole is to use that Rule:Rule Major Security Hole fix ------------------------------ Path: *::$DATA* Condition: Rule Result: NEVER_TOUCH_THIS Mode: Authorization ------------------------------That's it. It will simply block ANY url, that contains ::$DATA------------------------------------------------------- Andreas Pardeike, Reference Interactive Arb +46-8-406 60 54 http://www.reference.se Hem +46-8-580 38780 http://welcome.digitalfarmers.com Andreas Pardeike

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Bug? (1997) WAY Off-Topic (2004) [ot] Bluetooth Phones That Allow SSH (2004) Demo math questions (2000) New syntax feedback for 4.0 (2000) NT beta ReadMe missing (b12-b15) (1997) I'm having trouble using [url][interpret][math] together in lookup (1997) [exclusivelock] (was:several people...) (2001) WebDNA Solutions ... sorry! (1997) [WebDNA] fastcgi 7+ & [cart]? (2010) Are they really global tags? (2002) FTP upload TCP Connect (2003) Providing hard copy of database to client (1997) [authenticate] (1999) foriegn characters and webcatalog (1997) WebCatalog vs. Cold Fusion (1998) CDATA problems (2008) Nitro plugin? (1998) Sendmail - Attachment / My First Post (2001) [bug] Technical Support Log Crashes Server (2004)