I've read several of the nuke security posts. Could someone please take 5 minutes or however long it may take to explain to me what is this sql injection stuff and how can I stop it from happening to me again? Is there a file or something I can store inside my database to stop the injection?
I'd like to feel secure and I definitely would like to make sure my members personal data is secure.
I have a privacy policy statement on my website and I'd like to live up to it by making sure all of my members information is secure.
I feel if they can tap into my sql database to screw up my website, I think they could retrieve personal information concerning my members as well.
I'd truly appreciate any insight one may have to help stop this madness from happening again.
ArtificialIntel
Joined: Jan 31, 2004
Posts: -88
Posted:
Wed Apr 02, 2003 12:17 pm
an SQL injection is basically when a wannabe hacker (they don't deserve the honorable title of hacker) uses a program that takes a URL on a site, and makes changes to an SQL database using that URL.
If you've applied all the security patches for Nuke 6.5, (they might have been included in the release that was available to the public today by default) then your stories should be ok.
There's 1 other little possible security problem that we're working on a solution to, but for now, simply disabling comments in stories, or restricting them to members only should do the trick.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
