| View previous topic :: View next topic |
| Author |
Message |
Jing
Joined: 15 Mar 2008
Posts: 6
|
 Posted: Mar 19, 2008 10:20 pm Post subject: Hacked or Bug? |
 |
|
I recently received uploads from ip address 127.0.0.1. And that's quite impossible because that's the local ip address of the server. So I'm wondering if there is a bug or is there an exploit for the script?
Here's a screenshot.
Thanks! |
|
| Back to top |
|
 |
PilgrimX182
Joined: 22 Mar 2006
Posts: 1107
Location: Undisclosed location
|
| Posted: Mar 20, 2008 8:30 am Post subject: |
|
|
Don't think it's a hack. We use HTTP_X_FORWARDED_FOR header to get IP if available (allow to get ip behind the proxy) - I guess this dude just use local proxy on his computer.
If you would like to use standard method you can find in Session.pm
| Code: | | return $ENV{HTTP_X_FORWARDED_FOR} || $ENV{REMOTE_ADDR}; |
and replace with
| Code: | | return $ENV{REMOTE_ADDR}; |
|
|
| Back to top |
|
|
Jing
Joined: 15 Mar 2008
Posts: 6
|
| Posted: Mar 21, 2008 2:51 am Post subject: |
|
|
Oh thanks. It got me worried for a while.  |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
Register
Search
Profile
Log in to check your private messages
Log in
EZYWebhost - Cheap XUpload & XFileSharing 100% campatible hosting
