Welcome, Guest. Please login or register.
Did you miss your activation email?
May 26, 2012, 02:00:10 PM

Login with username, password and session length
Search:     Advanced search
Wollen Sie dem WebsiteBaker Team beitreten?
Nähere Informationen finden Sie unter hier und auf unserer neuen Webseite.
155539 Posts in 21712 Topics by 7737 Members
Latest Member: deanmacullam
* Home Help Search Login Register
Pages: [1]   Go Down
Print
Author Topic: Website Baker Security Problem  (Read 8731 times)
FrankH

Offline Offline

Posts: 735


WWW
« on: December 26, 2010, 08:21:13 AM »
As found out by different sources, all current versions of Website Baker are vulnerable to CSRF attacks.
(If you do not know what CSRF is, google for it or have a look into Wikipedia.)
The upcoming version 2.8.2 of Website Baker will not be vulnerable anymore, but is not available yet.

To some degree, you can protect yourself against CSRF attacks if you do as follows:
  • 1. If you did it not already, install a second web browser
  • 2. Use another than your default web browser to administer your Website Baker site. The default browser is the one who opens when you click on a link in your email program, for instance.
  • 3. In the browser you are using for administration, do not open any other web pages as long as you are logged on to your WB site. Use the default browser for opening any other web site.
  • 4. As soon as you finished your administration task, log off from the WB site.

Frank
Logged
Ochs und Esel in ihrem Lauf
halt ich leider auch nicht auf
Pages: [1]   Go Up
Print
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines Valid XHTML 1.0! Valid CSS!
Impressum & Datenschutz | powered by WebsiteBaker. ©2004–2010 by Website Baker Org e.V. , all rights reserved | Legal Notice & Privacy Policy