Re: Script or vulnerable code

12 years 11 months ago - 1 year 10 months ago #6793 by felipergueza
I am using the Hot Cars template, but lately my site has been getting locked automatically and the IP of my site is cut off from the Internet.

I sought support from my hosting provider, and they told me that their tool blocked my site for security because they said the template has a script or vulnerable code.
This is the mail they sent me verbatim:

Hello Mr. XXXXXX

The reason our security module blocks your IP is the following.
Code:
11-03-31 15:46:29 189.155.104.212 /templates/hot_cars/js/jquery.cookie.js HTTP/1.1 www.xxxxxx.com Access denied with code 406 (phase 2). Pattern match "(?:\b(?:(?:type\b\W*?\b(?:text\b\W*?\b(?:j(?:ava)?|ecma|vb)|application\b\W*?\bx-(?:java|vb))script|c(?:opyparentfolder|reatetextrange)|get(?:special|parent)folder|iframe\b.{0,100}?\bsrc)\b|on(?:(?:mo(?:use(?:o(?:ver|ut)|down|move|up)|ve)|key(?:press|d ..." at REQUEST_FILENAME. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "122"] [id "950004"] [msg "Cross-site Scripting (XSS) Attack"] [data ".cookie"] [severity "CRITICAL"] [tag "WEB_ATTACK/XSS"]

Please check your files to see whether everything is normal, especially in the directory templates/hot_cars/js/jquery.cookie.js

Note: The Hot Cars template is installed as decompressed from its original file; I have not changed anything.

Could you tell me how to solve this problem?
Last edit: 1 year 10 months ago by milos.

12 years 11 months ago - 1 year 10 months ago #6809 by ivan.milic
Replace fontResize.js with one in attachment. Delete jquery.cookie.js from /templates/hot_cars/js. Then go to index.php of template and edit it to remove <script.../> reference to jquery.cookie.js.
Last edit: 1 year 10 months ago by milos.

12 years 11 months ago - 12 years 11 months ago #6833 by felipergueza
Could you tell me if the code you mentioned earlier is harmful to the users of my site?

I look forward to a prompt response.
Last edit: 12 years 11 months ago by felipergueza.

12 years 11 months ago #6871 by ivan.milic
Hi,

The problem with jquery.cookie.js is in fact that it has "cookie" in its name. That is not dangerous code at all.
fontResize.js I posted here has embedded code from jquery.cookie.js because it needs it.
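
The false positive described above, as an added example that is not part of the original posts: a small Python triage helper that parses a ModSecurity alert like the one quoted in the first post and checks whether the matched data came only from the requested file's name. The sample line is constructed (host name and pattern text are placeholders), and `parse_alert`, `triage` and the static-extension list are assumptions of this example.

```python
import re

# Constructed sample modeled on the alert quoted in the thread
# (pattern text shortened, host name is a placeholder).
SAMPLE = (
    '11-03-31 15:46:29 189.155.104.212 /templates/hot_cars/js/jquery.cookie.js '
    'HTTP/1.1 www.example.test Access denied with code 406 (phase 2). '
    'Pattern match "..." at REQUEST_FILENAME. '
    '[file "/usr/local/apache/conf/modsec2.user.conf"] [line "122"] '
    '[id "950004"] [msg "Cross-site Scripting (XSS) Attack"] '
    '[data ".cookie"] [severity "CRITICAL"] [tag "WEB_ATTACK/XSS"]'
)

# Assumption of this example: extensions treated as static assets.
STATIC_EXT = ('.js', '.css', '.png', '.jpg', '.gif', '.ico')
# ModSecurity variables that hold only the requested path, never
# parameter or body content.
PATH_ONLY_VARS = {'REQUEST_FILENAME', 'REQUEST_BASENAME'}


def parse_alert(line):
    """Pull the request path, matched variable and [key "value"] fields."""
    path = re.search(r'\s(/\S*)\s+HTTP/\d', line)
    var = re.search(r'\bat ([A-Z_]+)', line)
    return {
        'path': path.group(1) if path else '',
        'variable': var.group(1) if var else '',
        'fields': dict(re.findall(r'\[(\w+) "([^"]*)"\]', line)),
    }


def triage(line):
    """Return 'likely-false-positive' when the rule fired on a static
    file's own name, otherwise 'needs-review'."""
    alert = parse_alert(line)
    path = alert['path'].lower()
    data = alert['fields'].get('data', '').lower()
    name_only = (
        alert['variable'] in PATH_ONLY_VARS
        and path.endswith(STATIC_EXT)
        and data != ''
        and data in path
    )
    return 'likely-false-positive' if name_only else 'needs-review'


if __name__ == '__main__':
    print(parse_alert(SAMPLE)['fields']['id'], triage(SAMPLE))
```

A `likely-false-positive` verdict only says the match came from the file's name; comparing the file against the template's original copy, as the hosting provider asked, is a separate check.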

12 years 4 months ago - 12 years 4 months ago #11958 by felipergueza

Replace fontResize.js with one in attachment. Delete jquery.cookie.js from /templates/hot_cars/js. Then go to index.php of template and edit it to remove <script.../> reference to jquery.cookie.js.

I can not find the original file to replace it with fontResize.js original.

Note: I am working on joomla 1.5.24
Last edit: 12 years 4 months ago by felipergueza.

12 years 4 months ago #11959 by felipergueza

I can not find the original file to replace it with fontResize.js original.

I found the file.
