[wp-forums] found it

Otto otto at ottodestruct.com
Sat Aug 14 21:08:31 UTC 2010


Something has gone wrong somewhere with the filtering on the forums. I
saw LI and A HREFs being put into the forum earlier, which screwed up
the layout of one of the pages.

-Otto



On Sat, Aug 14, 2010 at 4:02 PM, James Huff <macmanx at gmail.com> wrote:
> I don't think the code was active, it was just filtered as a warning by AVG.
>
> I'd be concerned about filtering.  You know the old saying, once you filter the bad stuff, you filter the good stuff too.  If we start filtering things like "eval(" we'll be unintentionally filtering users who have a legitimate reason for posting something like that.
>
> As suggested by Samuel on that topic, I think we need to be stricter about simply removing pasted code and referring users to the pastebin.
>
>
> ________
> James Huff
> http://www.macmanx.com
> http://programnotes.wikia.com
>
> On Aug 14, 2010, at 1:54 PM, Mark Ratledge wrote:
>
>> I advised them to use pastebin beforehand, but sounds like they're fairly new.
>>
>> And when I saw it, I didn't realize code could be active like that. Looked like code usually found in a hacked htaccess, but was in wp-config.
>>
>> Wonder if there is a way for bbpress to strip out some parts of exe code?
>>
>>
>> On Aug 14, 2010, at 2:41 PM, S Bollinger wrote:
>>
>>> a guy posted his .htaccess with the exploit in it
>>> removed the code and warnings have stopped
>>> wow
>>> Samuel B.
>> _______________________________________________
>> wp-forums mailing list
>> wp-forums at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-forums
>

