Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

advanced_search_results.php sql injection high load


storeweb88

Recommended Posts

I have a annoying hacker that is using this mywebsite.com/advanced_search_result.php?keywords=-6928%27%29%20OR%208645%3D7985%20AND%20%28%27reOn%27%3D%27reOn&search_in_description=1&sort=1a&page=187  that causes a super high load on the mysql server. Does anyone have any suggestions on how to deal with this? I tried looking through the forums for code to update.

Link to comment
Share on other sites

On 8/10/2022 at 1:27 PM, storeweb88 said:

Does anyone have any suggestions on how to deal with this?

Install View Counter to control that. It allows you to control such issues, and others, and allows you to block the IP from admin.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

  • 10 months later...

Thank you thats a fantastic idea. I didn't do that, what I did was just changed some of the code around in the search so for example if someone types in a hackerish code like above it just cuts it out of the string, I used a replace method for that.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...