Re: hmmm

This WebDNA talk-list message is from 2006. It keeps the original formatting.
Here's what I'm using:

# Refuse (403 Forbidden) any request whose query string contains
# one of the parameters below; [NC] makes the match case-insensitive.
RewriteEngine On
RewriteCond %{QUERY_STRING} ^.*text=.*$ [NC,OR]
RewriteCond %{QUERY_STRING} ^.*include=.*$ [NC,OR]
RewriteCond %{QUERY_STRING} ^.*setheader=.*$ [NC,OR]
RewriteCond %{QUERY_STRING} ^.*math=.*$ [NC,OR]
RewriteCond %{QUERY_STRING} ^.*!=.*$ [NC]
RewriteRule ^.*$ - [F]

On May 30, 2006, at 1:10 PM, devaulw@onebox.com wrote:

> Yikes. Any chance you can post the rewriterule for us?
>
> Thanks,
> Bill
>
> -----Original Message-----
> From: Jesse Proudman
> Sent: Tue, 30 May 2006 12:18:11 -0700
> To: "WebDNA Talk"
> Subject: Re: hmmm
>
> [This was reported to SM a week or two ago]
>
> On a security note...
>
> http://www.smithmicro.com/?text=&!=&math
>
> I solved this on my servers using Mod Rewrite, but everyone may want
> to do something to block it on their boxes. Make sure you don't
> store sensitive information (Authorize.net username / passwords, etc)
> in text vars until you've got it patched.
>
> On May 30, 2006, at 11:38 AM, WJ Starck wrote:
>
>> Indeed.
>>
>> What else can ya say, in a day and age where security and
>> extensibility are at the forefront of many an admin's mind?
>>
>> R.I.P. beloved WebDNA...
>
> --
> Jesse Proudman
> Blue Box Group, LLC
>
> p. +1.800.613.4305 x801
> e. jesse@blueboxgrp.com
>
> -------------------------------------------------------------
> This message is sent to you because you are subscribed to
> the mailing list .
> To unsubscribe, E-mail to:
> To switch to the DIGEST mode, E-mail to digest@talk.smithmicro.com>
> Web Archive of this list is at: http://webdna.smithmicro.com/

--
Jesse Proudman
Blue Box Group, LLC

p. +1.800.613.4305 x801
e. jesse@blueboxgrp.com
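Added example, not part of the original message and not WebDNA or Smith Micro code: a Python sketch that applies the same five query-string conditions to Apache access-log lines, so an admin can see which matching requests were answered before the rule was in place. The log lines are constructed samples, and the function names are hypothetical.

```python
import re

# The five tokens tested by the RewriteCond lines in the message. Each pattern
# there (^.*text=.*$ and so on) is in effect a case-insensitive substring match.
BLOCKED = ["text=", "include=", "setheader=", "math=", "!="]

# Request and status fields of a Common/Combined Log Format line.
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')


def matched_conditions(query):
    """Return the blocked tokens found in a raw (undecoded) query string."""
    q = query.lower()
    return [tok for tok in BLOCKED if tok in q]


def scan(lines):
    """Return (client, status, target, tokens) for requests the rule refuses."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue  # malformed or non-request line
        target, status = m.group("target"), int(m.group("status"))
        query = target.partition("?")[2]  # empty when there is no query string
        tokens = matched_conditions(query)
        if tokens:
            hits.append((line.split(" ", 1)[0], status, target, tokens))
    return hits


def served(hits):
    """Hits answered with something other than 403, i.e. not blocked."""
    return [h for h in hits if h[1] != 403]


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [30/May/2006:11:02:44 -0700] "GET /?text=&!=&math HTTP/1.1" 200 5120',
    '192.0.2.11 - - [30/May/2006:13:15:09 -0700] "GET /?TEXT=&!=&math HTTP/1.1" 403 210',
    '192.0.2.12 - - [30/May/2006:13:16:30 -0700] "GET /catalog?sku=1001 HTTP/1.1" 200 8841',
    '192.0.2.13 - - [30/May/2006:13:17:02 -0700] "GET /search?context=books HTTP/1.1" 403 210',
]

if __name__ == "__main__":
    for client, status, target, tokens in scan(SAMPLE_LOG):
        print(client, status, target, tokens)
```

Hits with a status other than 403 are requests that were served rather than refused. The `context=books` hit shows that the substring match also refuses unrelated parameters whose names end in `text`.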

    