If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
SQL Injection Exploit  XML
Forum Index » Support Forum
Author Message
Webmaster
Site Admin
[Avatar]

Joined: 10/01/2002 23:32:17
Messages: 82
Offline

Please read:

http://beckspaced.com/gb_fix/index.php
[Email] [WWW]
Anonymous



Here is a very simple quick fix. Just rename the admin.php file to something different

for example

54RtFgvb.php

and then update line 25 in /admin/config.inc.php
Anonymous



forgot to add, remove all links to the admin. otherwise it will show the new name for the admin file in the link
Jared
Student

Joined: 07/01/2003 22:58:43
Messages: 96
Offline

Tired of being hacked?

Guide to the ultimate protection.

1) create new file and name it anything you want .php
2) insert this code (comes straight from proxy2.de site)



4)
open up admin.php and on the second line directly after <?php
place this



now, make sure that the password in the authentication file matches YOUR password to the guestbook.

5) rename the admin.php to something other than admin.php
6) update /admin/config.inc.php file to reflect the new name of admin.php file
7) remove any and all links in guestbook to administration area

guestbook is completly secured from everyone...except you.
[WWW] [Yahoo!] [MSN]
Anonymous



i was not able to hack into my own guestbook using the info provided
Jared
Student

Joined: 07/01/2003 22:58:43
Messages: 96
Offline

If the authentication user name and password do not match the guestbook admin user name and password, you will never be able to get in.

Make sure both password sets match...otherwise you are right, not even you will get in.
[WWW] [Yahoo!] [MSN]
 
Forum Index » Support Forum
Go to:   
Based on the open source JForum