I've got a question for you guys! I've been poking through the error logs
and came across a mass of errors indicating that someone is trying to inject
SQL into some of my queries:
Invalid data 235' and user>0 and ''=' for CFSQLTYPE CF_SQL_INTEGER.
The specific sequence of files included or processed is:
C:\..\..\..\..\index.cfm, line: 97
Thankfully, we had cfqueryparams on this site to prevent the attack from
succeeding. But still, the application.log file fills up with these things.
While I can clean them out manually if I have to, that's yet another step I
need to do on a daily/weekly/monthly basis - and there are a lot of these
attempts coming through amid legitimate errors that need to be fixed.
I considered wrapping the cfqueries in a generic try-catch, but I don't want
to lose potentially valid errors in that catch. I'm not sure how I could
differentiate between an injection attack and a potentially legitimate
error.
Just looking for some opinions or suggestions on what could be done in these
cases.
Jonathon
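One way to keep the injection noise from burying real errors without swallowing them in a blanket try/catch, as an added example that is not code from the post or from ColdFusion: a small Python triage script that reads application.log lines, matches the cfqueryparam rejection message in the shape quoted above (the exact wording of your log is an assumption; adjust the pattern if it differs), and separates rejected values that look like SQL fragments from plain type mismatches and from every other error.

```python
import re

# Shape of the cfqueryparam type-check failure quoted in the post (assumed from
# that one line; the wording in other ColdFusion versions may differ).
CFQUERYPARAM_RE = re.compile(
    r"Invalid data (?P<value>.*?) for CFSQLTYPE (?P<type>CF_SQL_[A-Z_]+)\."
)

# Indicators that a value rejected by an integer-typed param is a SQL fragment
# rather than an honest typo (quotes, comment markers, boolean/query keywords).
SQL_FRAGMENT_RE = re.compile(
    r"['\";]|--|/\*|\b(and|or|union|select)\b", re.IGNORECASE
)

def classify(line):
    """Return a triage label for one application.log line."""
    m = CFQUERYPARAM_RE.search(line)
    if not m:
        return "other"          # not a cfqueryparam rejection: keep for review
    value = m.group("value")
    if SQL_FRAGMENT_RE.search(value):
        return "injection_attempt"   # blocked by cfqueryparam; count, don't read
    return "type_mismatch"           # e.g. "abc" for an integer: likely app bug

def triage(lines):
    """Bucket log lines by label so attempts can be counted instead of read."""
    buckets = {"injection_attempt": [], "type_mismatch": [], "other": []}
    for line in lines:
        buckets[classify(line)].append(line)
    return buckets

# Constructed sample lines in the shape of the one quoted in the post.
SAMPLE_LOG = [
    "Invalid data 235' and user>0 and ''=' for CFSQLTYPE CF_SQL_INTEGER.",
    "Invalid data 9 and 1=1 for CFSQLTYPE CF_SQL_INTEGER.",
    "Invalid data abc for CFSQLTYPE CF_SQL_INTEGER.",
    "Variable FOO is undefined.",
]

if __name__ == "__main__":
    for label, entries in triage(SAMPLE_LOG).items():
        print(f"{label}: {len(entries)}")
```

The "other" and "type_mismatch" buckets are the ones worth a daily look; the "injection_attempt" bucket is only worth a count and perhaps the offending source IPs from the matching web server log.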
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:286758