security

How to hide / encrypt CCK Email field with JS against spammer

I got a headache while searching for a filter to encrypt/hide the email CCK field to protect email addresses from spambots. I have installed, deinstalled, activated, deactivated and rearranged input filters with both invisimail and spamspan, but no luck! Finally I decided to change the code in email.module. It works! Go and open "sites/all/modules/email/email.module" and find line 115, like this:

/**
 * Theme function for 'default' email field formatter.
 */
function theme_email_formatter_default($element) {

Check password safety with JavaScript while typing

You can show password strength to your visitors while they type, before even submitting the page to the webserver. There are four character groups: letters, caps, numbers and symbols. A password which is longer than 7 characters and contains at least one character from each group is strong. A password which is at least 8 characters long and has all characters from one group is weak (but not very weak). A password which contains all characters from one group and is at least 20 characters long is also strong.

Register Globals Emulator for PHP

If your webhosting turned register-globals off and you are still using a script/software which requires register-globals on, you have a problem. But there is an easy solution: Just put this code at the top of your PHP script(s). Attention!!! "register_globals=on" means a huge security risk. Do not turn it on unless you know what you are doing!

foreach(array($_GET, $_POST, $_COOKIE) as $k=>$v){
	foreach($v as $k2=>$v2){
		$$k2 = $v2;
	}
}

Alternative captcha ideas for future

Now there are multiple captcha types against spam/abuse:

image captcha
ascii captcha
audio captcha
math captcha
easy questions

What will next-generation captchas look like? I think in the future there will be many more captcha types, like:

car captcha
film captcha
famous people
famous places
number to text
word suggestion with added or removed extra letters (i.e. gogle, new yoork)
animals (i.e. which animals do you see in this picture from left to right)
traffic captcha

What else do you think could be one of the next spam-preventing technologies?

Check password strength / safety with PHP and Regex

Password Validation with PHP and Regular Expressions

What is a good password? Your birthday, favorite star or first school, car, ...? None of them, because all similar passwords are very easy to crack.

My golden rule for safe passwords is simple: Google or any search engine should NOT find any result for your password string. But do not search for your password without changing some characters, because it will be visible as clear text to all networks between your PC and the Google server.

How do I secure my web site?

  1. Brute force detection should be enabled.
  2. Cache directories should be secured.
  3. Captchas should be enabled and required for anonymous users to avoid spam.
  4. Code Injection should be prevented.
  5. Cookies should NOT be used to store passwords and sensitive data.
  6. CSRF should be prevented.
  7. Directory listing should be disabled.

Secure Network against Sniffers

How can I secure my PC / network against packet sniffers? I am in an insecure network. What kind of risks are there, and how or with which tools can I defend my computer?

Norton McAfee web.sec sucks! Avira detected virus

Do not visit the following URL! It is trying to infect with an HTML virus. I have a blog and saw "netvibes DOT com" under referer (fake). I was sure that I don't that website and wanted to check first before I visit it using a web browser. I visited http://safeweb.norton.com and gave that URL. Norton says it is safe! I visited that URL and Avira gives me a virus alert!

Avira Guard found a malware: 'C:\Users\...\AppData\Local\Opera\Opera\cache\opr02PRH'
...found unwanted program.. 'HTML/Crypted.Gen' [virus].

Free online anti virus scanner

I am using the free version of Avira. I think it is not enough, therefore I wanted to check my PC with the Kaspersky online scanner, but Kaspersky has deactivated their online scanner. I don't want to download and install multiple trial versions. Can you advise me which free virus scanner is good? The antivirus should be able to catch trojans, malware, dialers, keyloggers etc...

How to filter all html tags from each _GET and _POST request

If you have a small website which uses PHP and accepts just plain text from users or visitors, you need to filter each request to be sure that nobody sends HTML to hack your site. I put the following two lines at the top of my PHP file. Of course you can add a third line for cookies.

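	// strip_tags() accepts only strings; array parameters such as ?a[]=x are discarded
	foreach($_GET as $k=>$v)	$_GET[$k] = is_array($v) ? '' : strip_tags($v);
	foreach($_POST as $k=>$v)	$_POST[$k] = is_array($v) ? '' : strip_tags($v);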

CafeWebmaster.com (CW) is a free online community for web developers and beginners. Anybody can share their code, articles, tips, tutorials, code examples or other webdesign-related material on the site. Newbies can submit their questions and reply to existing questions. CW does not guarantee or warrant the reliability of code, data and information published on the site. Use the site at your own risk. The site takes no responsibility for direct or indirect loss or any kind of harm to its users. The site also doesn't take responsibility for infected files or source code with any kind of infection or viruses, worms, spyware, malware or trojan horses. CW reserves the right to edit, move, or delete any content for any reason.