retour Corpsyphonie retour Corpsyphonie

Distributed Pages:

  • PmWiki.Passwords General use of passwords
  • PmWiki.PasswordsAdmin More password options for the administrator
  • PmWiki.UrlApprovals Require approval of Url links
  • PmWiki:SiteAnalyzer A tool for analyzing site configuration settings and security

Cookbook Pages

  • See also Cookbook index: Security
  • Cookbook:Blocklist2 Block postings based on content or IP address
  • Cookbook:MTBlackList Movable Type spam blacklist
  • Cookbook:WebServerSecurity Making the server more secure with .htaccess
  • Cookbook:FarmSecurity Making Farm installations secure
  • Cookbook:EProtect Hide e-mail address
  • Cookbook:AuditImages Check to see what images have been uploaded to your wiki.

What about the botnet security advisory at http://isc.sans.org/diary.php?storyid=1672?

Sites that are running with PHP's register_globals setting set to "On" and versions of PmWiki prior to 2.1.21 may be vulnerable to a botnet exploit that is taking advantage of a bug in PHP. The vulnerability can be closed by turning register_globals off, upgrading to PmWiki 2.1.21 or later, or upgrading to PHP versions 4.4.3 or 5.1.4. In addition, there is a test at PmWiki:SiteAnalyzer that can be used to determine if your site is vulnerable.

Page mise à jour le 06 septembre 2006 à 18h55

  • ▲ En haut ▲
  • Rechercher
  • Changements récents
  • Tous les changements récents