To be clear, is sobs.com.au your domain name? On Tue, Nov 14, 2023 at 1:26 PM Murray Collingwood < mur...@focus-computing.com.au> wrote:
> Hi folks > > First time poster. I recently became aware that hackers were able to > include scripts in my URLs that would run (when reflected back to the > client web browser). > > Is there a simple configuration in Apache that allows me to apply strict > rules to the URLs that would stop this happening? > > Alternatively, is there something I have opened / allowed that enables > this? > > For example: > https://sobs.com.au/ui/appwaz.php/jiwzk%22onload%3d%22alert(1)%22tyysj > > > Hope you can help. > > Cheers > Murray > > > -- > Murray Collingwood > Focus Computing > > Australia ph 07 3175 0575 > New Zealand ph 03 928 1699 > > http://www.focus-computing.com.au > >