0

I would like to completely delete or block access to a specific page in my site.

More specifically, I have seen this exploit "Joomla COM_MEDIA Exploit" : http://all1gat0r.blogspot.gr/2013/08/joomla-commedia-exploit.html

and from what I see, there is the page : /index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=

The exploit does not work on me, but anyway I want to completely remove the above page. How can I do this?

Web Server : Ubuntu 14.04 LTS ( with installed Mod Security2 )
Web Site : Joomla 3.1.5

Shake-the-World
  • 11
  • 5

1 Answers1

1

As the query change the order of the parameters and be still exploitable and I am not very proficient in mod_security, I would probably use mod_rewrite to block it:

In the conf file of your apache server where all the stuff to configure Joomla are, add the following:

RewriteCond %{QUERY_STRING} option=com_media
RewriteCond %{QUERY_STRING} view=images
RewriteCond %{QUERY_STRING} tmpl=component
RewriteCond %{QUERY_STRING} fieldid
RewriteCond %{QUERY_STRING} e_name=jform_articletext
RewriteCond %{QUERY_STRING} asset=com_content
RewriteCond %{QUERY_STRING} author
RewriteCond %{QUERY_STRING} folder
RewriteRule index.php - [F,L]

Note: you may need to load mod_rewrite and initiate it

LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine on
NuTTyX
  • 1,128
  • 5
  • 10