Posted on: 05/24/23 08:49am
By: OMAL
I checked the server logs and found SQL injection attempts, and sometimes the MySQL server is under load.
The malicious code was found in the customized parameter part of the GET request.
My question is: are there any Geeklog core functions to secure parameters for GET requests?
Thanks.
Re: Securing get request
Posted on: 05/24/23 07:29pm
By: Laugh
Geeklog should filter all URL parameters, so any SQL injection should be stopped.
The latest version of Geeklog also does additional speed checks for certain requests that result in errors (like ones that result in 404 errors) and will ban the IP for a limited time.
The Geeklog plugins GUS and BAN also can work together to disable misbehaving IPs.
I've also lately started running this server-level firewall, which helps block requests before they reach the website. This is something you paste into the website's .htaccess file.
https://perishablepress.com/7g-firewall/
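
Added example, not part of the posts above and not Geeklog's own code: one way custom code can handle a customized GET parameter so that the raw value never becomes part of the SQL text, using strict validation plus a PDO prepared statement. The parameter names (`item_id`, `cat`), the `items` table and the helper functions are hypothetical, and the script assumes the `pdo_sqlite` extension so it can run stand-alone against constructed data.

```php
<?php
// Added example; hypothetical names, constructed data, not Geeklog code.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE items (id INTEGER PRIMARY KEY, category TEXT, title TEXT)');
$db->exec("INSERT INTO items (category, title) VALUES ('news', 'First'), ('howto', 'Second')");

/** Return a positive integer ID, or null if the raw value is anything else. */
function cleanId($raw): ?int
{
    // is_string() rejects array input such as ?item_id[]=1; /D stops a trailing newline.
    if (!is_string($raw) || !preg_match('/^[0-9]{1,9}$/D', $raw)) {
        return null;
    }
    $id = (int) $raw;
    return $id > 0 ? $id : null;
}

/** Return the category only if it is on the allow-list, else null. */
function cleanCategory($raw): ?string
{
    $allowed = ['news', 'howto'];
    return (is_string($raw) && in_array($raw, $allowed, true)) ? $raw : null;
}

/** Look up one item from request parameters; null means "reject or not found". */
function findItem(PDO $db, array $get): ?array
{
    $id = cleanId($get['item_id'] ?? null);
    $category = cleanCategory($get['cat'] ?? null);
    if ($id === null || $category === null) {
        return null; // the caller should answer with HTTP 400 and log the request
    }
    // Values are bound, never concatenated, so they cannot change the query structure.
    $stmt = $db->prepare('SELECT id, title FROM items WHERE id = :id AND category = :cat');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->bindValue(':cat', $category, PDO::PARAM_STR);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed requests standing in for $_GET: one valid, three that must be rejected.
$requests = [
    ['item_id' => '1', 'cat' => 'news'],
    ['item_id' => '1 OR 1=1', 'cat' => 'news'],
    ['item_id' => ['1'], 'cat' => 'news'],
    ['item_id' => '2', 'cat' => "howto' --"],
];
foreach ($requests as $get) { echo json_encode($get), ' => ', json_encode(findItem($db, $get)), PHP_EOL; }
```

Rejecting malformed values before the query runs also keeps junk requests from reaching the database at all, which matters when the database server is already under load.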