Search XSS directing to server default page

Home Forums BulletProof Security Free Search XSS directing to server default page

This topic contains 1 reply, has 2 voices, and was last updated by  AITpro Admin 3 months ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #35507

    Nuno Miguel
    Participant

    If I trie to do www.example.com/?s=asd%27"><img+src%3D2+onerror%3Dalert%281%29+>

    instead of getting your 403.php the site presents the centos default page.
    Shouldn’t this be something that get’s caught by the plugin and redirect to your 403.php page?
    Thanks

    #35508

    AITpro Admin
    Keymaster

    BPS Security logging redirection to the BPS 403.php logging template file is handled by this htaccess directive code in your Root htaccess file:  ErrorDocument 403 /wp-content/plugins/bulletproof-security/403.php.

    What type of hosting is this? Shared, VPS, Dedicated? Do you have access to the server’s httpd.conf and vhosts conf files?

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.