// Whitelist some absolute query strings (see below)
$GLOBALS['ctracker_whitelist'] = array(
- 'cmd=new', // LinPHA
- 'cmd=edit', // LinPHA
- 'cmd=lostpw' // LinPHA
+ 'cmd=new', // LinPHA
+ 'cmd=edit', // LinPHA
+ 'cmd=lostpw', // LinPHA
+ 'secure_session=1', // Mantis Bug Tracker
);
// Attacks we should detect and block
// Checks for worms
function isCrackerTrackerWormDetected () {
// Check against the whole list
- $GLOBALS['ctracker_checkworm'] = str_ireplace($GLOBALS['ctracker_get_blacklist'], '*', crackerTrackerQueryString());
+ $GLOBALS['ctracker_checkworm'] = str_ireplace($GLOBALS['ctracker_get_blacklist'], '*', urldecode(crackerTrackerQueryString()));
// If it differs to original and the *whole* request string is not in whitelist
// then blog the attempt
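Review bot: The added `urldecode()` on the `$GLOBALS['ctracker_checkworm']` line decodes only one layer, and it changes the string that the following "differs to original" test depends on. If that comparison (outside the visible lines) still uses the raw `crackerTrackerQueryString()`, any benign request containing `%xx` or `+` will differ and be logged as an attack; decode once with `$decoded = urldecode(crackerTrackerQueryString());` and use `$decoded` for both the replace and the comparison. The whitelist lookup should be made against the same agreed form, since entries such as `secure_session=1` are matched against the whole request string. Doubly-encoded input still passes the blacklist unchanged, so consider decoding until the value stops changing, with a small iteration cap. The body of isCrackerTrackerWormDetected() continues past the last visible line.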