cfcoderphil
Guppy
Hi,
I have a coldfusion page that inserts guestbook entry into my mySQL db. This past few weeks, I am receiving a lot of unwanted guestbook entries such as cialis, viagra links that fills my DB.
I suspect that there is a malicious script that send form parameter to the page that inserts to my DB. I'm getting 10 entries per day.
I googled out this issue and most of the results is to patch the coldfusion server but the support people told me that it doesn't need to patch the server but post here that anybody have come to this issue and resolve.
since we are using coldfusion mx6, I can't add an attribute "scriptprotect=all" in my application as this was just added in mx7 thinking that this might prevent those unwanted entries. I am thinking also of now accepting any requests if it doesn't comes from my IP but I just want to check with anybody out there that might have the same problem with me.
Any suggestion or help would be greatly appreciated.
Thank you
I have a coldfusion page that inserts guestbook entry into my mySQL db. This past few weeks, I am receiving a lot of unwanted guestbook entries such as cialis, viagra links that fills my DB.
I suspect that there is a malicious script that send form parameter to the page that inserts to my DB. I'm getting 10 entries per day.
I googled out this issue and most of the results is to patch the coldfusion server but the support people told me that it doesn't need to patch the server but post here that anybody have come to this issue and resolve.
since we are using coldfusion mx6, I can't add an attribute "scriptprotect=all" in my application as this was just added in mx7 thinking that this might prevent those unwanted entries. I am thinking also of now accepting any requests if it doesn't comes from my IP but I just want to check with anybody out there that might have the same problem with me.
Any suggestion or help would be greatly appreciated.
Thank you