Menu

Topic-icon check upload for double extensions is not working

More
10 months 1 week ago #7236 by Jose
Hi again Yoghita,

I have just send you an email with a modified file to detect all files with multiple extensions (not only php files), so this should solve your issue. I will also add this change to future versions of Securitycheck Pro.

Regards,
Jose

Please Log in or Create an account to join the conversation.

  • yogitha
  • yogitha's Avatar Topic Author
  • Offline
  • Fresh Boarder
  • Fresh Boarder
More
10 months 4 days ago #7250 by yogitha
Dear Jose,
Thank you very much for the support. We have applied the change sent to us. Looks to work now. We sent it to testing team.
with regard to csrf protection, the government security audit team warned this and recommended to prevent.
Kindly guide us on this topic.

Once again we thank you for the support being extended.

Please Log in or Create an account to join the conversation.

More
10 months 4 days ago #7251 by Jose

Thank you very much for the support. We have applied the change sent to us. Looks to work now. We sent it to testing team.

You're welcome Yogitha!

with regard to csrf protection, the government security audit team warned this and recommended to prevent.
Kindly guide us on this topic.

Csrf protection must be implemented for each extension; for instance, Securitycheck Pro adds protection agains this technique. So I fear this is a field where I can't help you so much. Anyway Joomla is secure enough and Securitycheck Pro also adds user session protection.

Regards,
Jose

Please Log in or Create an account to join the conversation.

  • yogitha
  • yogitha's Avatar Topic Author
  • Offline
  • Fresh Boarder
  • Fresh Boarder
More
9 months 2 weeks ago #7265 by yogitha
Dear Jose,
Thank you for your support.Double extension is working only some of the combinations viz., doc.pdf, rar.zip etc... with the modified set up file. While uploading exe. pdf,exe.exe etc....., it is not working. please do the needful to avoid all type of double extensions uploading combination.
Regards,
Yogitha Sindhu

Please Log in or Create an account to join the conversation.

More
9 months 2 weeks ago #7266 by Jose
Did you update to 3.1.9 version? If so you have to upload again the file I sent you, as i had to revert the changes I did for you because they were too restrictive. I need to rethink this.

Regards,
Jose

Please Log in or Create an account to join the conversation.

Time to create page: 0.099 seconds
Powered by Kunena Forum

Login or Sign In