Hi Nicholas,
On one particular site, I keep getting dozens of DFI-Shield related errors. This site has JCE enabled (arrrgh!) and I was going to add an exception to WAF for it.
However - looking at the log, it doesn't look like the IP addresses correspond to any known admins that could be using JCE. They're using the Image Manager, and the entry always has the same cid:
?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20&6bc427c8a7981f4fe1f5ac65c1246b5f=cf6dd3cf1923c950586d0dd595c8e20b
I've heard JCE loopholes are used by many hackers, so I'm wondering if allowing JCE to have an exception is therefore a bad idea.
As ever, keep up the good work!
Adam.
On one particular site, I keep getting dozens of DFI-Shield related errors. This site has JCE enabled (arrrgh!) and I was going to add an exception to WAF for it.
However - looking at the log, it doesn't look like the IP addresses correspond to any known admins that could be using JCE. They're using the Image Manager, and the entry always has the same cid:
?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20&6bc427c8a7981f4fe1f5ac65c1246b5f=cf6dd3cf1923c950586d0dd595c8e20b
I've heard JCE loopholes are used by many hackers, so I'm wondering if allowing JCE to have an exception is therefore a bad idea.
As ever, keep up the good work!
Adam.
