Another not so common approach is spamstop.

This little wrapper for CF allows someone to filter the request by known
attackers. So you could redirect them away or display garbage on the screen
or whatever.

Maybe another stop gap measure.





-- 
Senior Coldfusion Developer
Aegeon Pty. Ltd.
www.aegeon.com.au
Phone: +613 9015 8628
Mobile: 0404 998 273




-----Original Message-----
From: Mark Kruger [mailto:[EMAIL PROTECTED] 
Sent: Sunday, 17 August 2008 2:37 AM
To: CF-Talk
Subject: RE: SQL injection attack on House of Fusion

David,

As a stop gap while in full force you could use the ISAPI filtering
technique or apache rewrite. This would keep it from reaching CF. Of course
that still might mean changing for every site in your pool of sites. I have
a post on it... The comments are pretty useful as well:

http://www.coldfusionmuse.com/index.cfm/2008/8/8/isapi-rewrite-rule-prevents-sql-injection

There are about 6 or 8 posts on the topic and links to many other blogs as
well.

If that doesn't work, I have dropped a blocker script into a few dozen
vulnerable sites - again as a stop gap. It is important to note that these
can only be considered a temporary fix. 

-mark



Mark A. Kruger, CFG, MCSE
(402) 408-3733 ext 105
www.cfwebtools.com
www.coldfusionmuse.com
www.necfug.com

-----Original Message-----
From: David Moore [mailto:[EMAIL PROTECTED] 
Sent: Saturday, August 16, 2008 11:16 AM
To: CF-Talk
Subject: Re: SQL injection attack on House of Fusion

I am new to the post, but I have been programming in CF for over 10 years
and know some of you from the CF Forums.

I am getting slammed with this crud as well on over 30 of my websites. Any
suggestions as to how to handle this for multiple sites on 1 server? I just
discovered the issue as it seems to be targeting multiple sites on my
server.

David G. Moore, Jr.
UpstateWeb, LLC 





Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:311130