Activity Not Available
6
I Use This!

News

Analyzed 2 months ago. based on code collected 2 months ago.
Posted 11 days ago by in...@ocportal.com (ocProducts)
8.1.28 released. Read the full article for more information, and upgrade information.
Posted 12 days ago by in...@ocportal.com (ocProducts)
9.0.30 released. Read the full article for more information, and upgrade information.
Posted 15 days ago by in...@ocportal.com (Chris Graham)
Hello,A security researcher has contacted us to make us aware of some weaknesses in the design of our master password system.There is no vulnerability here per se, however he/she raises some valid concerns. Essentially it boils down to us not forcing ... [More] users to choose strong passwords and a lack of strong defences for brute force password guessing attempts. We can improve on what we do, and we want to provide additional advice to our users.We want to thank the security researcher (who has not provided his/her full name) for providing us with a professional and detailed threat analysis. Basic protection We will be addressing these concerns within Composr, but to be protected please ensure your master password follows these rules: at least 8 characters in length contains at least 1 upper case character contains at least 1 lower case character contains at least 1 number contains at least 1 symbol Further optional protection Alternatively/additionally you can temporarily remove the $SITE_INFO['admin_password']='xxx'; line from your info.php file and only put it back when you need to log into a maintenance script such as the upgrader.To provide additional protection beyond the master password you may want to set IP-based restrictions (or temporary access blocks) to the following scripts: rootkit_detection.php upgrader.php uninstall.php data/upgrader2.php config_editor.php code_editor.php Follows are sample access rules for an Apache .htaccess file to provide a temporary access block: Code    Order allow,deny   Deny from all You should test these rules are working correctly after applying them. [Less]
Posted about 2 months ago by in...@ocportal.com (ocProducts)
8.1.27 released. Read the full article for more information, and upgrade information.
Posted about 2 months ago by in...@ocportal.com (ocProducts)
9.0.29 released. Read the full article for more information, and upgrade information.
Posted 2 months ago by in...@ocportal.com (ocProducts)
8.1.26 released. Read the full article for more information, and upgrade information.
Posted 2 months ago by in...@ocportal.com (ocProducts)
9.0.28 released. Read the full article for more information, and upgrade information.
Posted 3 months ago by in...@ocportal.com (ocProducts)
8.1.25 released. Read the full article for more information, and upgrade information.
Posted 3 months ago by in...@ocportal.com (ocProducts)
9.0.27 released. Read the full article for more information, and upgrade information.
Posted 4 months ago by in...@ocportal.com (ocProducts)
8.1.24 released. Read the full article for more information, and upgrade information.