Marco's SQL Injection
This plugin adds a simple but, in most cases, fondamental protection against SQL injection and LFI (local files inclusion) attacks. It checks data sent to Joomla and intercepts a lot of common exploits, saving your site from hackers.
- Filters requests in POST, GET, REQUEST and blocks SQL injection / LFI attempts.
- Notifies you by e-mail when a alert is generated.
- Protect also from unKnown 3rd Party extensions vulnerability.
- White list for safe components (at your risk ;) )
- automatic ip blocking on attack
Enable mail report and prepare yourself to be scared!
Anyway remember that security it is a 'forma mentis', not a plugin!
Version 1.4 Apr 28th, 2014:
* minor code fixes (not security related)
* default table type set by DB engine
* table creation by sql install file
Version 1.2 Mar 26th, 2013:
* Joomla! 3.0 compatility & coding style
* try - catch table checking
* InnoDB table support
* it works fine, nothing else to do on J2.5 ;)
Version 1.1 (Mar 10th, 2011)
* ip auto banning on attack (ip blocking)
* RegEx improvements to intercept more SQL attacks
Version 1.0 (Jan 7st, 2011)
* Joomla! v1.6 compatibility
* send mail also when error is raised
* minor code optimization
Version .98a (Jun 1st, 2010) Thanks to Jeff
* fixed backtics matching
* fixed union all matching
* fixed ....// exploit
* added more info to report mail
Version .98 (May 29th, 2010)
Please, keep in mind, I repeat: this plugin intercepts a lot of common exploits, not ALL!! this should be intended as an help, this is not "THE SOLUTION".