Tag: security

17 Are PDFs still an XSS problem with EE uploads? 2012-11-21T19:11:03.783

15 How would you wrap EE authentication around a custom app? 2012-11-15T20:04:37.693

15 How secure is EE? Will it pass penetration tests? 2013-08-29T11:41:44.890

9 Inserting entries from remote posted XML 2012-12-09T13:26:06.730

9 Have forms been broken by new security issue? 2013-09-27T09:33:55.437

6 Saving Credit Card Info 2014-06-04T09:52:15.870

6 Securing form data 2014-06-11T05:06:48.163

6 How to fix "This form has expired. Please refresh and try again." 2015-05-12T01:03:40.243

4 Log out upon tab/window close 2012-11-27T15:24:50.207

4 Password Protect Development Environment Only? 2013-01-15T17:12:45.407

4 Securing the control panel with SSL 2013-02-21T03:17:32.163

4 Intelligent ways to force redirects before a session ends? 2013-02-28T11:29:22.390

4 What is the security issue that 2.7.2 solves? 2013-10-21T15:12:03.713

4 How to stop external site redirect hijacking? 2013-12-17T23:58:04.940

4 What is best practice for protecting templates saved as files? 2014-06-20T16:30:38.830

3 Update User-Added Resources to SSL-Friendly URLs? 2013-01-10T19:19:40.653

3 ExpressionEngine and CORS? 2013-02-14T17:19:20.413

3 Cartthrob payment gateway (Worldpay) callback gives "the action you have requested invalid post back" 2013-11-08T14:57:34.903

3 What is the level of risk in enabling user-uploaded photos in EE? 2014-05-08T01:37:27.797

3 Variable SSL and Cookies 2014-06-25T18:56:43.710

2 How to protect a digital directory but allow downloads? 2013-02-07T16:34:29.567

2 General backup security question when using Amazon S3 2013-02-25T15:01:24.303

2 Issues when putting system outside web root 2013-03-26T19:00:58.167

2 Secure Login Forms 2013-04-02T11:41:54.460

2 Login Password Does Not Save 2013-11-19T23:01:05.730

2 EE, SSL, and insecure content 2013-11-23T05:57:24.547

2 Auto-create random ‘secure’ (obfuscated) url titles 2014-02-21T12:14:28.690

2 Can you add to the restricted tags filter for security in EE to secure the application further? 2015-04-10T10:16:26.087

1 DB Error with Solspace Friends on new Install of EE 2.5.5. Solutions? 2013-01-02T12:21:36.227

1 Page refresh on submission of entry_form with the text "select" in it 2013-02-12T15:41:54.620

1 Safecracker forms fail PCI DSS 2013-05-28T10:54:17.303

1 Does Throttling affect "good" bots negatively? 2013-07-18T19:09:35.480

1 Set item pricing based on incoming (referer) URL 2013-09-04T00:44:22.563

1 XID created for every page load and many non-form items increasing size exp_security_hashes table. Bug with 2.7.1? 2013-10-08T03:05:01.740

1 No matching hash algorithm on login 2014-03-26T15:43:57.430

1 How to make Freeform forms editable without using the entry_id in the URL 2014-10-23T06:07:47.283

1 Security test fails on freemember:update_profile form 2015-05-22T12:18:30.860

1 What file holds the "Invalid username" message? 2015-08-12T21:13:30.797

1 Does anyone know any details on the recent security release notifications? 2017-02-09T22:27:07.337

1 Is there any setting in Expression Engine that does not permit cross-origin framing? 2017-12-27T20:02:05.090

0 How do I implement EE security best practice with vhost dedicated server 2013-02-15T15:29:09.117

0 Expression engine core version limitations 2013-05-10T07:25:13.920

0 Recovering from a site hack, preventing another one 2013-05-11T14:32:36.080

0 Vimeo pro/plus content with Duct Videos 2013-05-29T18:33:23.720

0 Prevent access to templates from a remote server 2013-07-31T11:18:16.757

0 Site Hacked, No Original Email 2013-10-22T14:33:00.667

0 Building a client portal 2014-02-25T19:06:09.937

0 Is it safe to initiate a temporary session in plugin for use with the Channel Entries API? 2014-05-01T02:37:43.110

0 Security issues with putting member id in URI segments? 2014-06-09T18:41:37.790

0 Security on a redirect page for a short URL service 2014-07-07T23:39:12.647

0 Channel Form: Why is Wygwam/CKFinder disabling the file browser for security reasons? 2015-01-13T21:13:41.680

0 Security of an Action URL called from AJAX 2015-03-13T10:33:47.797

0 Is it necessary to hide the system folder from search robots? 2015-04-16T21:28:44.333

0 "This license is in use on multiple domains" - Privacy & Security issue? 2015-06-22T02:50:43.830

0 Module development: Any reasons creating catch-all action is a bad idea? 2015-09-26T17:46:15.757

0 How to secure uploaded files 2016-02-08T17:46:21.300

0 Index.php altered on production server 2016-08-19T18:43:38.193

0 Prevent CSRF token expiring for EE powered kiosk 2016-11-29T09:50:39.923

0 Installation hacked - rogue link inserted onto page 2017-09-21T08:54:05.847

0 Cannot login to CP importing db 2018-01-22T15:14:52.980

0 Automatically creating an alphanumeric number for each new entry 2018-09-19T09:52:54.987

-1 Basic security for entries using checkboxes 2013-02-15T04:55:07.030