VISIT AND LIKE OUR PAGE ON FACEBOOK
TAKE A LOOK AT OUR TWEETS ON TWITTER
SUBSCRIBE TO THE JOOMFREAK RSS FEED
CHECK OUT OUR PAGE ON GOOGLE +
VISIT OUR CHANNEL ON YOUTUBE

Account Details

Change your name, email, password or permanently delete your account. Change settings

We offer several ways you can get support from our experts: Support ForumKnowledgebaseNewsletter

Your Forum Posts

No posts to display.

Welcome, Guest
Username Password: Remember me
  • Page:
  • 1

TOPIC: SQL Injection Error

SQL Injection Error 28 Aug 2012 15:55 #947

I have downloaded this template and have been trying to work with it. My web host keeps blocking my IP address ever since I started using the template because of SQL injection attacks. you can see the messages below. Can someone please help me solve this issue. I'm assuming that there is an error in either set up or configuration rather than there is malicious code in the template.

here is the error:

grnaturalhealth/administrator/index.php?option=com_content&layout=edit&id=1 HTTP/1.1 webdesignbytc.com Access denied with code 406 (phase 2). Pattern match "\b(\d+) ?= ?\1\b|[\'"](\w+)[\'"] ?= ?[\'"]\2\b" at REQUEST_HEADERS:Cookie. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "98"] [id "959901"] [msg "SQL Injection Attack"] [data "1=1"] [severity "CRITICAL"] [tag "WEB_ATTACK/SQL_INJECTION"] 406
2012-08-28 01:06:11 /favicon.ico HTTP/1.1 webdesignbytc.com Access denied with code 406 (phase 2). Pattern match "\b(\d+) ?= ?\1\b|[\'"](\w+)[\'"] ?= ?[\'"]\2\b" at REQUEST_HEADERS:Cookie. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "98"] [id "959901"] [msg "SQL Injection Attack"] [data "1=1"] [severity "CRITICAL"] [tag "WEB_ATTACK/SQL_INJECTION"]

  • Posts:2
  • camp5456
  • Fresh Boarder
  • OFFLINE
  • Karma: 0

Re: SQL Injection Error 31 Aug 2012 05:20 #960

Did you install another component? Because we don't use SQL Query in template?
  • mars

Re: SQL Injection Error 31 Aug 2012 14:49 #969

No, it was a fresh Joomla 2.5.6. Then installed the template. Then I did the quickstart, which uses akeeba backup doesn't it? This makes a database connection because it asked for my admin login info for the database. It's ok. I got blocked from my host, so I had to uninstall everything. I'm not sure where the issue came from. You do have beautiful templates though. Very classy.

Thanks anyway for the help.

  • Posts:2
  • camp5456
  • Fresh Boarder
  • OFFLINE
  • Karma: 0

Re: SQL Injection Error 04 Sep 2012 03:27 #981

hmm I don't know. Could you ask your hosting support for this problem?
  • mars
  • Page:
  • 1
Time to create page: 0.49 seconds

joomfreak is not affiliated with or endorsed by the Joomla Project or Open Source Matters.
The Joomla logo is used under a limited license granted by Open Source Matters the trademark holder in the United States and other countries.