| 2023-09-06 |
Roland Häder | Continued: master |
commit | commitdiff |
| 2020-11-04 |
Roland Häder | Continued: |
commit | commitdiff |
| 2020-11-04 |
Roland Häder | Continued: |
commit | commitdiff |
| 2020-11-04 |
Roland Häder | Continued: |
commit | commitdiff |
| 2020-10-28 |
Roland Häder | Continued: |
commit | commitdiff |
| 2020-10-28 |
Roland Häder | Continued: |
commit | commitdiff |
| 2020-08-11 |
Roland Häder | Continued: |
commit | commitdiff |
| 2020-06-06 |
Roland Häder | Continued: |
commit | commitdiff |
| 2019-08-13 |
Roland Häder | Continued: |
commit | commitdiff |
| 2019-07-11 |
Roland Häder | Continued: |
commit | commitdiff |
| 2019-05-16 |
Roland Häder | Continued: |
commit | commitdiff |
| 2019-04-03 |
Roland Häder | Continued: |
commit | commitdiff |
| 2019-04-01 |
Roland Häder | Continued: |
commit | commitdiff |
| 2019-04-01 |
Roland Häder | Continued: |
commit | commitdiff |
| 2019-04-01 |
Roland Häder | Continued: |
commit | commitdiff |
| 2019-04-01 |
Roland Häder | Continued: |
commit | commitdiff |
| 2019-04-01 |
Roland Häder | Continued: |
commit | commitdiff |
| 2019-04-01 |
Roland Häder | Also __CALLBACKPARAM needs blocking |
commit | commitdiff |
| 2019-04-01 |
Roland Häder | Checking against GET parameters is for the user-agent... |
commit | commitdiff |
| 2018-08-28 |
Roland Häder | Continued: |
commit | commitdiff |
| 2018-08-28 |
Roland Häder | Merge branch 'master' of mx:/var/cache/git/repos/ctracker |
commit | commitdiff |
| 2018-08-22 |
Roland Häder | Continued: |
commit | commitdiff |
| 2018-08-22 |
Roland Häder | Continued: |
commit | commitdiff |
| 2017-07-18 |
Roland Häder | updated (c) |
commit | commitdiff |
| 2016-09-23 |
Roland Häder | MantisBT need these being white-listed. |
commit | commitdiff |
| 2016-08-30 |
Roland Häder | Added "detection" of open_basedir and php:// protocol: |
commit | commitdiff |
| 2016-08-22 |
Roland Häder | Fixed parser error |
commit | commitdiff |
| 2016-08-22 |
Roland Häder | Sorted a bit + removed '.js' as this was to much and... |
commit | commitdiff |
| 2016-08-05 |
Roland Häder | Also block request methods such as CONNECT as they... |
commit | commitdiff |
| 2016-07-28 |
Roland Häder | Also __CALLBACKPARAM needs blocking |
commit | commitdiff |
| 2016-07-28 |
Roland Häder | Checking against GET parameters is for the user-agent... |
commit | commitdiff |
| 2016-07-28 |
Roland Häder | Only for testing purposes the string is being sanitized... |
commit | commitdiff |
| 2016-07-28 |
Roland Häder | Renaming season has started: |
commit | commitdiff |
| 2016-07-28 |
Roland Häder | Sanitize request strings (also serialized POST data... |
commit | commitdiff |
| 2016-07-28 |
Roland Häder | Continued: |
commit | commitdiff |
| 2016-07-28 |
Roland Häder | Continued improving: |
commit | commitdiff |
| 2016-07-27 |
Roland Häder | Updated a lot: |
commit | commitdiff |
| 2016-07-25 |
Roland Häder | Added MySQL internal-use-only function |
commit | commitdiff |
| 2016-07-25 |
Roland Häder | Also log request method |
commit | commitdiff |
| 2016-07-20 |
Roland Häder | One to much ... |
commit | commitdiff |
| 2016-07-20 |
Roland Häder | More PHP function calls (I don't like such RPCs) blocked |
commit | commitdiff |
| 2014-11-01 |
Roland Haeder | Added proc/self/environ |
commit | commitdiff |
| 2014-11-01 |
Roland Haeder | Added 'safe_mode' (php.ini setting). |
commit | commitdiff |
| 2014-11-01 |
Roland Haeder | Don't continue if the cookie has been set + ticket... |
commit | commitdiff |
| 2013-10-18 |
Roland Haeder | Added some php.ini settings to block |
commit | commitdiff |
| 2013-08-11 |
Roland Haeder | Reverted removal, maybe now working? |
commit | commitdiff |
| 2013-08-11 |
Roland Haeder | :( Not good enough |
commit | commitdiff |
| 2013-08-11 |
Roland Haeder | Added logging/detection of proxy IP address |
commit | commitdiff |
| 2013-08-11 |
Roland Haeder | server_name and script_name can now be NULL and set... |
commit | commitdiff |
| 2013-08-09 |
Roland Haeder | %20 was to much here |
commit | commitdiff |
| 2013-07-26 |
Roland Haeder | Just '/group' was to restrictive (e.g. breaks StatusNet) |
commit | commitdiff |
| 2013-07-20 |
Roland Haeder | Fix for parser error :( |
commit | commitdiff |
| 2013-07-20 |
Roland Haeder | Resorted almost all pattern checks + used more single... |
commit | commitdiff |
| 2013-07-20 |
Roland Haeder | Wrappers like data://, tcp:// et cetera now blacklisted |
commit | commitdiff |
| 2013-07-20 |
Roland Haeder | Use constants instead of keywords |
commit | commitdiff |
| 2013-07-18 |
Roland Haeder | Fixes (opps) for bad check, blocked all |
commit | commitdiff |
| 2013-07-18 |
Roland Haeder | Experimental commit: |
commit | commitdiff |
| 2013-06-04 |
Roland Haeder | Excluded secure_session=1 from mantis |
commit | commitdiff |
| 2013-04-18 |
Roland Haeder | Now use str_ireplace() |
commit | commitdiff |
| 2013-03-30 |
Roland Haeder | Better use this? |
commit | commitdiff |
| 2012-12-20 |
Roland Haeder | Docu updated, detection array resorted a little |
commit | commitdiff |
| 2012-10-24 |
Roland Haeder | Blocked also %27 (') |
commit | commitdiff |
| 2012-10-24 |
Roland Haeder | Detection of attempt of SQL injections added |
commit | commitdiff |
| 2011-09-27 |
Roland Haeder | 'cmd=' broke to many legtime requests, cmd.exe should... |
commit | commitdiff |
| 2011-09-14 |
Roland Haeder | .pl harms also legitime requests |
commit | commitdiff |
| 2011-08-27 |
Roland Haeder | Now all forms of '0x' are detected |
commit | commitdiff |
| 2011-08-27 |
Roland Haeder | DOCUMENT_ROOT and _SERVER added (avoid these things... |
commit | commitdiff |
| 2011-07-29 |
Roland Haeder | Block also these |
commit | commitdiff |
| 2011-07-29 |
Roland Haeder | init also this |
commit | commitdiff |
| 2011-07-29 |
Roland Haeder | Fix for missing 'ctracker_post_track' |
commit | commitdiff |
| 2011-06-24 |
Roland Haeder | Detection of hexa-decimal encoded (0xXXXXX) strings... |
commit | commitdiff |
| 2011-04-10 |
Roland Haeder | Duplicate entries removed, typo fixed |
commit | commitdiff |
| 2011-02-09 |
Roland Haeder | Fixed error reporting for debug mode |
commit | commitdiff |
| 2010-09-23 |
Roland Haeder | Some code blocks moved, detection of '..//' added,... |
commit | commitdiff |
| 2010-08-20 |
Roland Haeder | 'Based on' added, /proc/ will now be detected, do not... |
commit | commitdiff |
| 2010-07-08 |
Roland Haeder | Updated to allow database-less operation |
commit | commitdiff |
| 2010-05-16 |
Roland Haeder | Log of first attempt fixed |
commit | commitdiff |
| 2010-05-16 |
Roland Haeder | Fix |
commit | commitdiff |
| 2010-05-15 |
Roland Haeder | This should also not be used in URLs |
commit | commitdiff |
| 2010-05-11 |
Roland Haeder | Missing form elements handled |
commit | commitdiff |
| 2010-05-11 |
Roland Haeder | Fixes... :( |
commit | commitdiff |
| 2010-05-11 |
Roland Haeder | Complete rewrite: |
commit | commitdiff |
| 2010-05-04 |
Roland Haeder | Added more flexible options |
commit | commitdiff |
| 2010-01-07 |
Roland Haeder | Renamed to bypass naming conflicts |
commit | commitdiff |
| 2010-01-05 |
Roland Haeder | Now detects proxy usage |
commit | commitdiff |
| 2009-12-31 |
Roland Haeder | Mails updated |
commit | commitdiff |
| 2009-12-31 |
Roland Haeder | A lot spaces removed, array with server_name extended... |
commit | commitdiff |
| 2009-12-31 |
Roland Haeder | Unmodified GET data (query string) added |
commit | commitdiff |
| 2009-12-31 |
Roland Haeder | Some nice improvements: |
commit | commitdiff |
| 2009-12-31 |
Roland Haeder | First implemenation |
commit | commitdiff |
|
projects / ctracker.git / history