• 15

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191


File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

name Punditsdkoslkdosdkoskdo

How i can block requests for a specific page?

I would like to completely delete or block access to a specific page in my site.

More specifically, I have seen this exploit "Joomla COM_MEDIA Exploit" : http://all1gat0r.blogspot.gr/2013/08/joomla-commedia-exploit.html

and from what I see, there is the page : /index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=

The exploit does not work on me, but anyway I want to completely remove the above page. How can I do this?

Web Server : Ubuntu 14.04 LTS ( with installed Mod Security2 )
Web Site : Joomla 3.1.5

As the query change the order of the parameters and be still exploitable and I am not very proficient in mod_security, I would probably use mod_rewrite to block it:

In the conf file of your apache server where all the stuff to configure Joomla are, add the following:

RewriteCond %{QUERY_STRING} option=com_media
RewriteCond %{QUERY_STRING} view=images
RewriteCond %{QUERY_STRING} tmpl=component
RewriteCond %{QUERY_STRING} fieldid
RewriteCond %{QUERY_STRING} e_name=jform_articletext
RewriteCond %{QUERY_STRING} asset=com_content
RewriteCond %{QUERY_STRING} author
RewriteCond %{QUERY_STRING} folder
RewriteRule index.php - [F,L]

Note: you may need to load mod_rewrite and initiate it

LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine on
  • 1
Reply Report

Warm tip !!!

This article is reproduced from Stack Exchange / Stack Overflow, please click

Trending Tags