Skip to content

Plans for Http_Analyzer #2

New issue
New issue
Open
Open
Plans for Http_Analyzer#2
@szepeviktor

Description

@szepeviktor
szepeviktor
opened on Dec 3, 2016
  • How to restrict AJAX content type?
  • Block CDN attacks by what method?
  • order of headers to identify attackers
  • check POST: no more, no less variables
    a:5:{s:11:"redirect_to";s:28:"http://domain.com/wp-admin/";s:10:"testcookie"; s:1:"1";s:3:"log";s:5:"admin";s:3:"pwd";s:6:"123456";s:9:"wp-submit";s:6:"Log In";}
  • wp-login POST: login, postpass, resetpass, lostpassword, register
  • wp-login GET: logout, rp, lostpassword
  • non-login wp-login POST-s: comment, trackback, pingback, XML-RPC, WP-API, plugin POST-s

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions