BioFox Games Forums

Full Version: *sigh* Another day, another PHP-Injection attack...
Not to worry, our site is still completely secure. This is the advantage of writing all our code with a security mindset.

However, this is a reminder to all of you with access to the visitor tracker not to go to any strange websites listed, ESPECIALLY if they are in the 'pages viewed' section of the front page, and in the format '/index.php?page=http://{url}'. THESE ARE ATTEMPTED ATTACKS AGAINST OUR SERVER. While they are all unsuccessful, it is important to note that there may be other malicious content in the webpages. Unless you want your browser pwn'd, don't go there.

Also, watch out for page referrers you don't know.

Conclusion: Website is secure, but don't go to odd webpages.
Why is our website secure? Is it because of the OS it's on, or the language it's written in, etc.?
Ah man, last week I went to the doctor's to get my PHP shot. Hurt like a mother, but now I'm secure too...

At least our site is still solid! Woo
It's solid because I know how to write secure PHP. It's solid because I write code which filters and validates ALL its inputs (including those that most people never see, like user-agent and referrer). It's solid because I never include external files, except in a hard-coded (i.e. include('filename.php');) way.
Unfortunately, not everyone does. Some include based on filename inputs in the URL, which are easily manipulated to get pages from other sites and run that code. This unfortunately leads to pwnage of websites, which most people never figure out either.
So those strange values for index.php?page=[url] are people trying to break into the website through a kind of attack that we... simply aren't vulnerable to.

And Manette, I hope you got the hardening patch with that, or it's not very much good.
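Added example, not code from the thread or the BioFox site: Python detection logic that scans constructed Apache-style access-log lines for the '/index.php?page=http://...' pattern described above. It generalises slightly by checking every query parameter, not just `page`, and decoding twice so URL-encoded values are caught; the log lines, IPs and host names are all constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (Apache combined format); not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /index.php?page=home HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2023:13:56:01 +0000] "GET /index.php?page=http://remote.example/shell.txt? HTTP/1.1" 200 512 "-" "libwww-perl/5.8"
198.51.100.8 - - [10/Oct/2023:13:56:09 +0000] "GET /index.php?page=HTTPS%3A%2F%2Fremote.example%2Fx.txt HTTP/1.1" 200 512 "-" "-"
192.0.2.9 - - [10/Oct/2023:13:57:00 +0000] "GET /news.php?id=42&page=2 HTTP/1.1" 200 512 "-" "curl/7.8"
203.0.113.6 - - [10/Oct/2023:13:58:00 +0000] "GET /about.php HTTP/1.1" 200 100 "http://example.com/" "Mozilla/5.0"
"""

# Minimal parser for the combined log format: client IP, request line, status, referrer, user agent.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"'
)

# Any value that starts with a URL scheme followed by "://" is a remote location,
# which is exactly what an include() should never be handed from user input.
SCHEME_RE = re.compile(r'^[a-z][a-z0-9+.-]*://')


def is_remote_url(value):
    """True if a (possibly URL-encoded) parameter value points at a remote host."""
    decoded = unquote(value).strip().lower()  # second decode catches double-encoded values
    return bool(SCHEME_RE.match(decoded))


def scan_log(text):
    """Return (ip, path, param, value) for every query parameter carrying a remote URL."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        parts = urlsplit(m.group("path"))
        # parse_qs already percent-decodes values once.
        for name, values in parse_qs(parts.query, keep_blank_values=True).items():
            for val in values:
                if is_remote_url(val):
                    hits.append((m.group("ip"), parts.path, name, unquote(val)))
    return hits


if __name__ == "__main__":
    for ip, path, param, val in scan_log(SAMPLE_LOG):
        print(f"{ip} requested {path} with {param}={val!r}: possible remote file inclusion attempt")
```

Normal pages such as `page=home` or numeric values are not flagged; only parameters whose decoded value begins with a scheme are reported, so the output can feed a block list or an alert without reviewing every request by hand.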
Dajon Cosis 72 Wrote: And Manette, I hope you got the hardening patch with that, or it's not very much good.

Er... Of course =P