CranialBlaze
This works exactly as advertised, setup is strait forward and fairly simple, your reading this then you can probably do it.
Had a support request on another com and they were extremely helpful and friendly even though the problem turned out to be within my servers config.
As brian mention, it filters out extremely common words, i have tried the latest 1.2.1 version and it has not sovlved the problem, we have a social network with public bloggers and no matter where you want to use the word union, front-end or back, user level irrespective it removes the work or that part of any word containing it.
Even tried posting it as my status in JomSocial and as a super admin it would not let the post succeed. They are completely delusional if they believe they have solved the problem.
Hello,
We have tested the plugin and we can confirm that the version for Joomla 1.7 no longer filters in any way content added by users that have access to the administrative area. To make sure that the latest version of jHackGuard is used please completely remove your current instance of jHackGuard, download it anew from our website and install it.
As to the JomSocial component, it allows users without access to the administrative area to create and publish content to your website. This behavior triggers the jHackGuard security checks and if anything suspicious is found it will be blocked. Our plugin utilizes the same logic in both Joomla 1.5 and Joomla 1.7 versions. This means that posting "union" through a JomSocial component will be filtered in all Joomla versions. Note that the majority of the MySQL injections work using precisely this command to execute unwanted queries to your database. For example, if someone posts 'and1=1 UNION select * from jos_users' and your comment extension is not written securely, this will return everything in your jos_users table. Through this command if an attacker find such security hole he/she can execute literally every query he/she wants.
We also plan to develop further the plugin and converting it to a component that utilizes the new Joomla ACL system. This will allow each user better control over the security checks to be applied on his/her website.
With my site unfortunately i could not get the component to work exactly as i wanted, i had to make numerous modifications to my database so that the component could work the way i needed it to simply because of where i live and how shipping rates are calculated.
As a component under normal conditions this component works like a dream, my site is unfortunately unique in too many ways for this to of benefited me the way i needed.
The service and support i got in tempting to hack VM further to get the component working was exceptional and responses was prompt and professional.
It gets my full 5* vote based on the quality i could see and the service, the fact that i could not get it working was of no fault of the developer or the component, my sites just simply too far off the beaten track for it to of worked perfectly the way i had envisioned.
Installation was absolutely simple and the instructions were well laid out and easy to follow. I pretty much know enough to get by with editing files and stuff but the way it was put together anyone of any experience level could easily get this done in almost no time
Thank you for your feedback CranialBlaze. As we told to Angie, with the newest component version, the installation process is almost completely automated.
It will be a really simple process for newbies also, and we are always available with our online support desk.
Best Regards,
The MobyJam Team
Setup was simple and the updates are working perfectly, sending to RedMystics and google