Lavalair Sql Injection Blocker

**manavworld** · 28.11.09, 03:40

Originally posted by Mysterio3 View Post

try to make something like go.php, so when someone adds a link, it will loose everything in there, then redirect to the desired url.

you said make like this go.php when hacker cames with external link via fourm,picture,avtar links, but my question is that go.php for wot? U mean we have need to rename gallery.php or core.php or wot. Can u explain about it, than newbie user can undrstand easly about all function

**ranzit2** · 28.11.09, 03:48

Originally posted by manavworld View Post

you said make like this go.php when hacker cames with external link via fourm,picture,avtar links, but my question is that go.php for wot? U mean we have need to rename gallery.php or core.php or wot. Can u explain about it, than newbie user can undrstand easly about all function

its for the links,posted by users.like http://site.com should be go.php?site=http://site.com
in go.php make header location the site value.
for images dnt allow direct images..pass images through php file

**manavworld** · 28.11.09, 04:04

Originally posted by ranzit2 View Post

its for the links,posted by users.like http://site.com should be go.php?site=http://site.com
in go.php make header location the site value.
for images dnt allow direct images..pass images through php file

ahh ok sir, i will remove link of avtar, iam undrstand w0t u said, thank budy, realy thankful to u

**jefweewap** · 28.11.09, 20:26

SQL Inject Me

how to use this

**~~paramound~~** · 28.11.09, 20:53

nice job bro. Just make sure you don't request a password link to your site or that will be the easiest way to a green horn in hacking to hack you

**manavworld** · 29.11.09, 04:41

Plz help me, wht code i can add at .htaccess file, plz can u post here full code than i can easly copy>>post, i wil be very-very thankful to u.

**manavworld** · 30.11.09, 04:26

Originally posted by ozziemale31 View Post

to protect your file share folders from php pages being uploaded make a htaccess page and put in it the following

PHP Code:


IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*



<Limit GET POST>

order deny,allow

deny from all

allow from all

</Limit>



<Limit PUT DELETE>

order deny,allow

deny from all

</Limit>



<Files images>

deny from all

</Files>



<Files *.php>

deny from all

</Files>



<Files *.php.*>

deny from all

</Files>



<Files *.php.php.*>

deny from all

</Files>

when a php page is uploaded in that directory and the hacker goes to open it they end up with a nice 403 error page not found even though their script to hack may be there lol thanks to gum for that lil trick

brother i hv already updated (magic_quotes in my core.php coding, now i can update this code in my .htaccess file?..ok...and one more question....<Files *.php>
deny from all
</Files>

<Files *.php.*>
deny from all
</Files>
..its ur code, hv we need to replace anythng? Plz ur litle teach make me secure, plz help me brother...i wil thankful to u.

**raymark** · 30.11.09, 08:00

My site was still hacked :-(

**makvanpor2000** · 12.12.09, 12:19

I was still hacked too

**KiLLeR_mAcHInE** · 12.12.09, 12:42

My site was also hacked till today i never know who hacked it

**manavworld** · 13.12.09, 14:24

Now easly protect ur site, just block mysql injection,cookie stealing block, and sesion id block, for more information just use search button and get more information

**blockerhead** · 16.12.09, 02:42

Originally posted by ozziemale31 View Post

to protect your file share folders from php pages being uploaded make a htaccess page and put in it the following

PHP Code:


IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*



<Limit GET POST>

order deny,allow

deny from all

allow from all

</Limit>



<Limit PUT DELETE>

order deny,allow

deny from all

</Limit>



<Files images>

deny from all

</Files>



<Files *.php>

deny from all

</Files>



<Files *.php.*>

deny from all

</Files>



<Files *.php.php.*>

deny from all

</Files>

when a php page is uploaded in that directory and the hacker goes to open it they end up with a nice 403 error page not found even though their script to hack may be there lol thanks to gum for that lil trick

I put this .htacces in folder gallery and got error message from server than i change script like this
<Files 403.shtml>
order allow,deny
allow from all
</Files>

deny from *.php
deny from *.php.
deny from *.php.php.
Its working..! I try to upload 99cy.php. and can't open that file.

Lavalair Sql Injection Blocker

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment