thealbino Posted October 1, 2009 Posted October 1, 2009 Hi, It seems the default contact_us.php is not secure ? It is possible to spam other addresses? Anybody got a fix for this? Regards, thealbino
spooks Posted October 1, 2009 Posted October 1, 2009 if u getting spam submitted, try Anti Robot Registration Validation http://www.oscommerce.com/community/contributions,1237 if form is being hacked, add security http://www.oscommerce.com/forums/index.php?showtopic=313323 Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al.
thealbino Posted October 1, 2009 Author Posted October 1, 2009 The site is not live. I just tried the simplest of form exploits and was able to mail arbitary addresses by submitting cc fields. I would have thought that this was a basic thing that should be prevented straight of the bat. thealbino
spooks Posted October 1, 2009 Posted October 1, 2009 I would have thought that this was a basic thing that should be prevented straight of the bat. Well its not, hence the contribs I linked. It is free software, not commercial, means u must put in some work yourself. Add Security pro 1st, to prevent url hacks, and the post cleaning I gave (the contact form uses the post method). ;) Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al.
thealbino Posted October 1, 2009 Author Posted October 1, 2009 Thank you. I'm more than familiar with using free/os software ;)
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.