geoffreywalton
Posted March 11, 2009

Anybody got any thoughts why after entering cc details on authorize.net https://secure.authorize.net/gateway/transact.dll the ip trap is activated and the xss script is too?

I know some people do not like authorize.net but this is overkill!! :-)

The ip trap script, block.php, displays a you are blocked page but it is not shown if I change punish = 2 to = 0 in secret.php script

    $ua = ( isset($_SERVER['HTTP_USER_AGENT']) && ($_SERVER['HTTP_USER_AGENT'] != "")) ? $_SERVER['HTTP_USER_AGENT'] : "";
    $ip = $_SERVER["REMOTE_ADDR"]."\n";
    $punish = 0;
    if ( $ua == "" ) { $punish = 2; }

The browser agent is not shown on the screen.

Just had a thought is it single quotes around HTTP_USER_AGENT?

So once that was changed I then get told to "go away" by the XSS script. Looks like the rules in .htaccess redirect the page. Took this out and everything worked

    # extra anti uri and xss attack script 2 - sql injection prevention
    #Options +FollowSymLinks
    #RewriteEngine On
    #RewriteCond %{QUERY_STRING} ("|%22).*(>|%3E|<|%3C).* [NC]
    #RewriteRule ^(.*)$ log.php [NC]
    #RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC]
    #RewriteRule ^(.*)$ log.php [NC]
    #RewriteCond %{QUERY_STRING} (java script:).*(;).* [NC]
    #RewriteRule ^(.*)$ log.php [NC]
    #RewriteCond %{QUERY_STRING} (;|'|"|%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if).* [NC]
    #RewriteRule ^(.*)$ log.php [NC]
    #RewriteRule (,|;|<|>|'|`) /log.php [NC]

Can you see what is being invoked?

I would prefer to re-enable ip trap and xss so any help would be appreciated.

Thanks

Geoffrey

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile
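To see which rule a given request trips, the rewrite patterns quoted in the post can be run offline against a request's path and query string. This is an added example, not part of the original post: the rule labels and the sample requests are constructed, and Python's `re` stands in for Apache's regex engine, with `[NC]` mapped to `re.IGNORECASE`.

```python
import re

# Patterns transcribed from the .htaccess block in the post, read as if enabled.
# "query" patterns are the RewriteCond tests on the raw QUERY_STRING, each guarding
# a RewriteRule that sends the request to log.php. The "path" pattern is the final
# RewriteRule, which is matched against the URL path itself.
# The labels in the first column are made up here for reporting.
RULES = [
    ("quote-then-angle", "query", r'''("|%22).*(>|%3E|<|%3C).*'''),
    ("script-tag",       "query", r'''(<|%3C).*script.*(>|%3E)'''),
    ("javascript-uri",   "query", r'''(java script:).*(;).*'''),
    ("sql-keyword",      "query",
     r'''(;|'|"|%22).*(union|select|insert|drop|update|md5|benchmark|or|and|if).*'''),
    ("path-metachar",    "path",  r'''(,|;|<|>|'|`)'''),
]
COMPILED = [(name, target, re.compile(pat, re.IGNORECASE)) for name, target, pat in RULES]


def rules_fired(path, query):
    """Return [(label, matched text)] for each rule that would rewrite to log.php."""
    hits = []
    for name, target, rx in COMPILED:
        m = rx.search(path if target == "path" else query)
        if m:
            hits.append((name, m.group(0)))
    return hits


# Constructed requests (not captured traffic): path relative to the shop, raw query string.
SAMPLES = [
    ("checkout_success.php", "sid=abc123"),
    ("checkout_process.php", "msg=%22Payment+authorized%22"),
    ("checkout_process.php", "note=%22paid%22&next=%3Cb%3E"),
    ("products,new.php", ""),
]

if __name__ == "__main__":
    for path, query in SAMPLES:
        hits = rules_fired(path, query)
        print(f"{path}?{query}")
        if not hits:
            print("  no rule fired")
        for name, text in hits:
            print(f"  {name}: matched {text!r}")
```

The second sample fires `sql-keyword` only because an encoded quote is followed somewhere by the letters "or" inside "authorized", which shows how the unanchored keyword list can catch ordinary words.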