Introduction

Site Security

This plugin adds a simple but, in most cases, fondamental protection against SQL injection and LFI (local files inclusion) attacks. It checks data sent to Joomla and intercepts a lot of common exploits, saving your site from hackers.


  • Filters requests in POST, GET, REQUEST and blocks SQL injection / LFI attempts.
  • Notifies you by e-mail when a alert is generated.
  • Protect also from unKnown 3rd Party extensions vulnerability.
  • White list for safe components (at your risk ;) )
  • automatic ip blocking on attack

Enable mail report and prepare yourself to be scared!

Anyway remember that security it is a 'forma mentis', not a plugin!

HISTORY

Version 1.4 Apr 28th, 2014:
* minor code fixes (not security related)
* default table type set by DB engine
* table creation by sql install file

Version 1.2 Mar 26th, 2013:
* Joomla! 3.0 compatility & coding style
* try - catch table checking
* InnoDB table support
* it works fine, nothing else to do on J2.5 ;)

Version 1.1 (Mar 10th, 2011)
* ip auto banning on attack (ip blocking)
* RegEx improvements to intercept more SQL attacks

Version 1.0 (Jan 7st, 2011)
* Joomla! v1.6 compatibility
* send mail also when error is raised
* minor code optimization

Version .98a (Jun 1st, 2010) Thanks to Jeff
* fixed backtics matching
* fixed union all matching
* fixed ....// exploit
* added more info to report mail

Version .98 (May 29th, 2010)
first release.

Please, keep in mind, I repeat: this plugin intercepts a lot of common exploits, not ALL!! this should be intended as an help, this is not "THE SOLUTION".

Using Marco's SQL Injection in Joomla 2.5 and 1.5 since version 1.1 (April 2011).

Advantages: basic protection of SQL injection, attack attempts to notify the site.

Disadvantages: not currently identified.

Support - not used.

Unfortunately there is no way to verify the effectiveness of this extension yourself.

Use this extension on graduate school ites.

Engaged in web technologies since March 2007. Use Joomla since December 2009.
Thank you very much. I instaldo the extension and I hope that this is more difficult that malignant iyecten instructions to site ... thanks for sharing work and above all keep fighting for freedom and security ... thanks

good ext



Posted on 24 April 2012
very nice, but how can we interpret the email messages with the hack attempts, so we can try and fix something if needed? is there a place to post those email messages with the sql injection attempts to get help on them?
Owner's reply: Hi learwbc4,
the report is designed for a sysadmin because only an experienced one can understand what to do.
Anyway every one can get a quick help by posting a comments on the page of the plugin: as soon as possible I will reply. (don't post the full hack, I use this plugin too!!)

thak you for using this extension,
marco

Attack Intercepted



Posted on 06 April 2012
Your plugin just indicated an attack from an overseas location. I added this tool to my site as a matter of principle just in case it was attacked. Now after having the site up for only 45 days I suffered an attack.

Will be sharing details of the attack with my web hosting provider.



Thanks for providing this great tool to the Joomla! community. Much appreciated.

Good Work



Posted on 01 April 2012
Somebody tried to hack my site with a code injection. I have received an e-mail about this. This extension do the job very well. Thanks.
I've used this on several of my websites. It's really good, easy to install and helps me sleep better at night knowing i got some protection on my websites. A must have for any serious Joomla webmaster!



Thank you Marco!

Very important



Posted on 04 January 2012
The amount of attacks it prevents is pretty scary. Install this, then start looking for the problems.

Great



Posted on 12 December 2011
Very good job Marco. I use your plug for all my sites.

Excellent plugin!



Posted on 08 December 2011
Excellent plugin, easy to use and extremely useful, thank u!

Great work Marco



Posted on 08 December 2011
This plugin is really great, does what it is build for. I installed it on my 2 websites, and what a surprise... 30 email per night... so my website is now much safer... Thank you for good plugin

Marek
Marco's Google(TM) bot access
Free

Marco's Google(TM) bot access

By marco maria leoni
Site Access
This plugin allows to spiders and robots, like Google(TM), MSNBot(TM) or Yahoo(TM), to access the pages of the site reserved to the 'Registered' users. Sometimes you have to protect interesting contents to get users' registration for commercial purposes or simply to create a community. But if content are not accessible, how can users know about their existance? With this plugin the search engine...
Marco's noFollow
Free

Marco's noFollow

By marco maria leoni
SEO & Metadata
This plugin allows you to add "rel" and "target" attributes to all outgoing links in articles on your Joomla!, so you can avoid to disperse the Page Rank on the web by setting the attribute rel = "nofollow" on all outbound links, and you can keep visitors on your site by setting the target = "_blank" attribute. Configuration is very easy, simply select the action to be taken for the two attribute...
Marco's parallax background scroller
Free

Marco's parallax background scroller

By marco maria leoni
Page Background
A plugin for parallax background scrolling in Joomla! This is a nice background scrolling effect with a simulation of a pseudo parallax effect. You can insert one or more image in your articles and define an horizontal stripe (view port) to see the images as they was really a landscape through a window. See this plugin in action! Features . Easy to use and configure . CSS3 and responsive . plugi...
Marco's buy me a beer
Free

Marco's buy me a beer

By marco maria leoni
Donations
This implementation of Buy me a beer in Joomla!, is a smart & funny way to get a donation without the need to specify ethical reasons: "Do you think my job was useful? Ok, buy me a beer, I just wanna have a drink, not save the world!" Features works on multilingual site; every text in the donation form can translated using Joomla's language override feature; automatic PayPal's interface languag...
Marco's PrestaShop Authentication
Free

Marco's PrestaShop Authentication

By marco maria leoni
Site Access
This plugin allows to customers of a PrestaShop™ e-commerce to access the Joomla! site without a new registration. This is a fast authentication bridge between the two systems. Prestashop to Joomla bridgeThis plugin allows to use an existent PrestaShop e-commerce to authenticate its users on a Joomla installation. Features plugin works on J2.5 and J3.x sites; no need of double registration;...

Marco's SQL Injection

Version:
1.4
Developer:
marco maria leoni
Last updated:
Nov 18 2014
10 years ago
Date added:
Nov 18 2014
License:
GPLv2 or later
Type:
Free download
Includes:
p
Compatibility:
J3
Download

This extension does NOT implement the Joomla! Update System

Score:


Write a review