The Joomla! Extensions Directory ™


Marco's SQL Injection Plugin

This plugin adds a simple but, in most cases, fundamental protection against SQL injection and LFI (local file inclusion) attacks. It checks data sent to Joomla and intercepts a lot of common exploits, saving your site from hackers.

* Filters requests in POST, GET, REQUEST and blocks SQL injection / LFI attempts.
* Notifies you by e-mail when an alert is generated.
* Also protects against unknown third-party extension vulnerabilities.
* Whitelist for safe components (at your risk ;) )
* Automatic IP blocking on attack

Enable mail report and prepare yourself to be scared!

Anyway, remember that security is a 'forma mentis', not a plugin!


HISTORY

Version 1.4 Apr 28th, 2014:
* minor code fixes (not security related)
* default table type set by DB engine
* table creation by sql install file

Version 1.2 Mar 26th, 2013:
* Joomla! 3.0 compatibility & coding style
* try - catch table checking
* InnoDB table support
* it works fine, nothing else to do on J2.5 ;)

Version 1.1 (Mar 10th, 2011)
* ip auto banning on attack (ip blocking)
* RegEx improvements to intercept more SQL attacks

Version 1.0 (Jan 7th, 2011)
* Joomla! v1.6 compatibility
* send mail also when error is raised
* minor code optimization

Version .98a (Jun 1st, 2010) Thanks to Jeff
* fixed backticks matching
* fixed union all matching
* fixed ....// exploit
* added more info to report mail

Version .98 (May 29th, 2010)
first release.


Please keep in mind, I repeat: this plugin intercepts a lot of common exploits, not ALL!! It is intended as a help; it is not "THE SOLUTION".

2011-12-08
Reviews: 2
This plugin is really great, does what it is built for. I installed it on my 2 websites, and what a surprise... 30 emails per night... so my website is now much safer... Thank you for a good plugin
Marek
2011-11-12
Reviews: 11
I am a site builder in Greece and have more than 50 Joomla sites online.
This plugin has saved my job and my money many, many times, and has helped me to find an attacker and take him to the judge... besides saving my sites, of course!
A REALLY BIG THANK YOU FOR PROVIDING US THIS PLUGIN!
I 10000% suggest it with closed eyes!
Inform me when you make a donation system on your site!
2011-10-18
Reviews: 2
This plugin really does the job excellently. It helps me a lot! My website got attacked from a few blacklisted country IPs trying to inject my website, steal the password, etc. This plugin blocks them all. Thanks a lot!
2011-09-18
Reviews: 2
This is an excellent plugin. I've suffered so much in the past from SQL injection until this plugin made it so easy for me at least to find out which extension the hacker is trying to get into.
Great work Marco. I've been using Joomla since it was Mambo and never wrote a review before, after using this plugin and seeing it working perfectly.
Thanks again
2011-07-20
Reviews: 7
Very good, use it on all my sites. Thanks Marco!
2011-06-02
Reviews: 3
Thank you for this great plugin. It's been 6 months that I have used this plugin and the results are amazing! I receive a direct report via email and I also immediately block the attacker's IP address.

TY Marco
2011-05-22
Reviews: 16
This plug-in is simple and it does what it claims. On one of my sites people kept trying to exploit a vulnerability on Rokdownload ... I found out about it because of this extension.

thank you Marco
2011-05-20
Reviews: 1
You state in your description that all I have to do after installing the plugin is turn on my mail reporting. How do I do that? I looked in my global configuration and could not find anything on mail reporting.
2011-05-11
Reviews: 1
This plugin detected an attack on our website, within five minutes we have stopped it by blocking the IP address the attack came from.
We are now planning to deploy this plugin on all our websites.

Thank you Marco for a job well done.
2011-03-21
Reviews: 6
Simple, and does what it says. I also suggest sending letters in HTML, and with a whois link - so it will no longer be necessary to copy-paste the IP, go to a whois site etc...
2011-01-25
Reviews: 3
From time to time our site gets these automated attacks, trying to access the site and probably its email system to send spam. As soon as I get the message I block the IP address.
Thank you for this great and simple extension!
2011-01-12
Reviews: 11
Upon installation of this plugin, I noticed an attack with SQL injection exploiting the Rokdownloads module. Some of the information is provided via automated e-mail notification - where the attack originated from, etc. (see example below)

Today there were 126 attacks from different servers within USA trying to inject the strings into joomlub? No such component has been installed, so it was a blind attack. Strange.

Keep in mind - our site is non-profit - what is the point of crashing our site? NONE...

THANK YOU, Marco!!! May this Great Karma find its way back to you tenfold!

Here is an example of some of the info from e-mail notification from one of the attacks:


**PAGE / SERVER INFO


*REMOTE_ADDR :
74.86.158.3

*HTTP_USER_AGENT :
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)

*REQUEST_METHOD :
GET

*QUERY_STRING :
option=com_joomlub&controller=auction&view=auction&task=edit&aid=-2%20union%20all%20select%201,2,3,concat(0x26,0x26,0x26,0x25,0x25,0x25,username,0x3a,password,0x25,0x25,0x25,0x26,0x26,0x26),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29+from+jos_users



** SUPERGLOBALS DUMP (sanitized)
2011-01-10
Reviews: 1
My site was under attack for several weeks. Couldn't find out what part of the site was causing the problem. Thanks to this plugin my site is protected now and the emails the system creates helped me to find the component that was under attack. Thank you very much for this simple and very effective plug-in!!!
2010-08-26
Reviews: 47
Honestly, I have been attacked more than 3 times as of now. I've just found this plugin and installed it as a remedy. I hope this helps me tighten security a bit against the attacks.

Thanks for a nice share. May God Bless You with the Best!
2010-08-23
Reviews: 1
Thanx!
I did install this on a site I had done and all of a sudden I did get a mail that there was an attempt to hack the site. I did get all the information that I did need to send to the abuse contact for the IP address I did get.
Thanx!
2010-08-11
Reviews: 2
The extension increased the security level of the websites where I installed it. It's simple and quick to setup.
:)
Thank you for your work!
2010-07-08
Reviews: 7
The concept seems nice. There are a lot of front-end attacks; I hope this one prevents as much as it can.
Thanks a lot for keeping this plugin free out of goodwill.

I will write a review again in the future to talk about the success of the plugin.