Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

strange searches entered in search box:  !S!WCRTESTINPUT000000!E!’
 
magentome
Jr. Member
 
Total Posts:  10
Joined:  2010-06-25
 

Hello all,

Since 3 days someone or something is entering strange seraches in the frontend of the websites. If I look in my admin, then the latest searches shown include these: !S!WCRTESTINPUT000000!E!’ and !S!WCRTESTINPUT000000!E!’ and ‘7’=’7 and variations of it like 999999 7=7 and so on.

Is someone trying to hack the website? Is there a way to prevent this, can I for instance block entry of special characters in the search field,
so characters like ! and ‘are not accepted?

Your advice is very much appreciated,
thanks and regards,
wessel

 
Magento Community Magento Community
Magento Community
Magento Community
 
thebod
Moderator
 
Avatar
Total Posts:  81
Joined:  2010-08-11
 

Hi,

yes, this is a very stupid try to hack you by testing the search function for mySQL injection.

Don’t worry Magento is by design save against this kind of attacks so you don’t need to change anything on your website.

Just ignore it wink

 
Magento Community Magento Community
Magento Community
Magento Community
 
magentome
Jr. Member
 
Total Posts:  10
Joined:  2010-06-25
 

thank you for your answer, saves a lot of stress!

Cheers,
Wessel

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top