Search term

Hi,

 

The following expressions were in my search terms:

-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),C

Is that a security hole? How can I prevent such terms?

Thank you.

1 REPLY

Re: Search term

@erik_klein There are hackers / malware around all the time that keep making such attempts to hack into the website. The good thing is that you saw it and want to prevent it. The search term is one of the various sources. This means you have to think about making Magento secure overall instead of just worrying about search terms.

 

Following the best practices provided by Magento to keep your site safe is the best way to avoid such attempts. I would recommend going through them, applying whatever you can, keeping your Magento up to date, having a WAF / firewall in place, etc. to make your ecommerce / Magento website safe. Follow the link below for complete details.

 

https://docs.magento.com/m2/ce/user_guide/stores/security.html

- Tarandeep
Problem solved? Please give 'Kudos' and accept 'Answer as Solution'.
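One way to triage logged search terms like the one quoted in the question, as an added example that is not part of the original thread or of Magento's code. The indicator patterns, the two-hit threshold, the function names and the other sample terms are assumptions made for illustration; the second sample term is the truncated one from the question.

```python
import re

# Constructed sample of logged search terms. The second entry is the term
# quoted in the question, truncated exactly where the post cuts it off.
SAMPLE_TERMS = [
    "blue running shoes",
    "-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),"
    "CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),C",
    "select comfort pillow",
    "men's jacket",
]

# Heuristic indicators (assumption: good enough for triage, not a SQL parser).
INDICATORS = {
    "tautology": re.compile(r"\b(?:or|and)\s+(\d+)\s*=\s*\1\b", re.I),
    "subquery": re.compile(r"\(\s*select\b", re.I),
    "char_encoding": re.compile(r"\bchar\(\s*\d+\s*\)", re.I),
    "string_builder": re.compile(r"\bconcat\s*\(", re.I),
    "row_compare": re.compile(r"\brow\s*\(", re.I),
}
CHAR_CALL = re.compile(r"char\(\s*(\d{1,3})\s*\)", re.I)


def decode_char_calls(term):
    """Return the text spelled by the CHAR(n) calls in a term, in order."""
    return "".join(chr(int(n)) for n in CHAR_CALL.findall(term))


def triage(term):
    """Score one term; two or more indicators marks it as a likely probe."""
    hits = sorted(name for name, rx in INDICATORS.items() if rx.search(term))
    return {
        "term": term,
        "indicators": hits,
        "decoded": decode_char_calls(term),
        "suspicious": len(hits) >= 2,
    }


def flag_terms(terms):
    """Return triage results for the terms that look like injection probes."""
    return [r for r in map(triage, terms) if r["suspicious"]]


if __name__ == "__main__":
    for result in flag_terms(SAMPLE_TERMS):
        print(result["indicators"], repr(result["decoded"]))
```

A flagged term shows that a probe was submitted, not that it succeeded; whether it could have any effect depends on how the application passes the term to the database.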