Introduction
This plugin adds a simple but, in most cases, fondamental protection against SQL injection and LFI (local files inclusion) attacks. It checks data sent to Joomla and intercepts a lot of common exploits, saving your site from hackers.
- Filters requests in POST, GET, REQUEST and blocks SQL injection / LFI attempts.
- Notifies you by e-mail when a alert is generated.
- Protect also from unKnown 3rd Party extensions vulnerability.
- White list for safe components (at your risk ;) )
- automatic ip blocking on attack
Enable mail report and prepare yourself to be scared!
Anyway remember that security it is a 'forma mentis', not a plugin!
HISTORY
Version 1.4 Apr 28th, 2014:
* minor code fixes (not security related)
* default table type set by DB engine
* table creation by sql install file
Version 1.2 Mar 26th, 2013:
* Joomla! 3.0 compatility & coding style
* try - catch table checking
* InnoDB table support
* it works fine, nothing else to do on J2.5 ;)
Version 1.1 (Mar 10th, 2011)
* ip auto banning on attack (ip blocking)
* RegEx improvements to intercept more SQL attacks
Version 1.0 (Jan 7st, 2011)
* Joomla! v1.6 compatibility
* send mail also when error is raised
* minor code optimization
Version .98a (Jun 1st, 2010) Thanks to Jeff
* fixed backtics matching
* fixed union all matching
* fixed ....// exploit
* added more info to report mail
Version .98 (May 29th, 2010)
first release.
Please, keep in mind, I repeat: this plugin intercepts a lot of common exploits, not ALL!! this should be intended as an help, this is not "THE SOLUTION".
Marco's SQL Injection
- Version:
- 1.4
- Developer:
- marco maria leoni
- Last updated:
-
Nov 18 2014
9 years ago - Date added:
- Nov 18 2014
- License:
- GPLv2 or later
- Type:
- Free download
- Includes:
- p
- Compatibility:
- J3
This extension does NOT implement the Joomla! Update System
Share