. (two periods).
Other classes in the joomla.filesystem library include JFile, JFolder, and JArchive.
It's important to realize that none of these classes validate path parameters to
prevent snooping. This is deliberate: there are times when we expect to use a path
that would otherwise be classified as snooping, so the caller must apply JPath checks where they are wanted.
Dealing with Attacks
Parsing input is only one part of security handling. Another part is the evasive
action that an extension can automatically take if an attack is detected. Here are three
good ways of dealing with detected attacks; they could be used separately or in
conjunction with one another:
1. Log the user out, possibly blocking their account.
2. Maintain a log file of detected attacks.
3. Email the site administrator and inform them of the attack.
Chapter 11
[ 333 ]
Log Out and Block
If the attack has come from a logged-in user, we can end the user's session and
optionally block them from logging in until an administrator unblocks their
account. Logging out a user and blocking them may not always be appropriate: an
instance that appears to be an attack could be a genuine mistake on the part of the
user, or a misclassification by our own input checks.
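The three responses above, combined in one helper, as an added example that is not code from the book. It assumes the Joomla 1.5 API calls named in the comments (JFactory, JSession::get/set, JUser::save(), JApplication::logout(), JLog::addEntry(), JUtility::sendMail()) and the hypothetical extension name com_example; a detection is logged every time, but an account is only blocked after several detections in one session, to allow for mistakes and misclassifications.

```php
<?php
// Added example, not from the book. Assumes the Joomla 1.5 framework API;
// check the method names against the version you are developing for.
defined('_JEXEC') or die('Restricted access');

class AttackResponse
{
    // Detections in one session before the account is blocked. A single hit
    // may be a genuine user mistake or a misclassification, so require several.
    const BLOCK_THRESHOLD = 3;

    public static function handle($description)
    {
        $user    = JFactory::getUser();
        $session = JFactory::getSession();
        $ip      = $_SERVER['REMOTE_ADDR'];

        // 2. Maintain a log file of every detection. The .php suffix keeps the
        //    file from being served as plain text if the log directory is reachable.
        $log = JLog::getInstance('com_example_attacks.log.php');
        $log->addEntry(array(
            'comment' => sprintf('ip=%s user=%d %s', $ip, (int) $user->id, $description)
        ));

        if ($user->guest) {
            return; // nobody to log out or block; the log entry is the whole response
        }

        // Count detections for this session under the extension's own namespace.
        $hits = (int) $session->get('attack_hits', 0, 'com_example') + 1;
        $session->set('attack_hits', $hits, 'com_example');

        if ($hits >= self::BLOCK_THRESHOLD) {
            // 1. Block the account (an administrator must unblock it) and end the session.
            $user->set('block', 1);
            $user->save();
            JFactory::getApplication()->logout($user->id);

            // 3. Email the site administrator using the site's configured sender address.
            $config = JFactory::getConfig();
            $from   = $config->getValue('config.mailfrom');
            JUtility::sendMail($from, $config->getValue('config.fromname'), $from,
                'Account blocked after repeated attack detections',
                sprintf("User %d (%s) from %s was blocked.\nLast detection: %s",
                    $user->id, $user->username, $ip, $description));
        }
    }
}
```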