The latest stable code is usually the best choice and upgrading should be routine for all administrators - not once in 5 years but regularly. The code, hosted on GitHub, was created by Vitalii Rudnykh. The same holds good for other scripts and programs on your site ( phpMyAdmin etc). The exploitation of a very dangerous Drupal vulnerability has started after the publication of proof-of-concept (PoC) code. Those administrators have not probably read or understood the settings of documentation like or Īll web applications - also current moodle - can have security holes and professional hackers and spammers can use the tiniest possible chance you give them but if settings are correct and you don't allow anybody (any bot) to self-enroll and fill user profiles with nasty stuff (this issue can be prevented with correct settings) or directly write to your php files (permissions of web accessible files can't allow writing to anybody) and your site is not otherwise open to attacks and injections (for example php setting register_globals is not enabled) your moodle site should be rather safe. Micro Focus Secure Messaging Gateway web administration and quarantine components SQL. Security Development Lifecycle Server Side Includes Sherdog Signalling System 7. We have seen that user profile spam for years and most likely are going to see it for years because attitudes don't change in 10 years. Drupal Dynamic Invocation Interface Dynamische Bindung Dynamo. I really did not say all this stuff is "old" - but most of those sites that get hacked or still have user spam are using old, non upgraded versions of moodle. Dear "Block my posts I'll still post when I want : - ) ",
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |