Hi Folks,
Have just been informed by Sitelock (Malware protection on my Bluehost Hosted Site) that I have 6 Vunerabilities to Cross Scripting… See pic!
Advice please, should I be worried, these URLs all seem to be in the Backlight directory Structure.
Regards
Jon
Hi Jon, without meaningful descriptions there’s nothing to go on there. It looks to me that the detection is using a crude algorithm that doesn’t amount to anything.
Hi Ben,
I’ve had SiteLock for a while on Bluehost, just renewed and it seems that since then SiteLock has become very noisy in the alerts in sends out to me. I’ll try and get some info on the descriptions…
Thanks
Jon
Hi Jon, it will be interesting to see what descriptions they can provide.
Those parameters listed (a, c, m, p1 and p2) are Backlight’s mechanism for handling application routing. For example, a link such as /backlight/publisher/admin/view_album/100 will be mapped by the .htaccess file to m=publisher, c=admin, a=view_album and p1=100 where m means module, c means the controller (the part of the module that’s processing the request), a means action and p1 means parameter one.
While this exact mapping convention is specific to Backlight, it’s a common approach to building web application frameworks, and doesn’t represent anything worth flagging from a security perspective.
Hi Ben,
Dear Jon,
Thank you for your recent inquiry. The Vulnerability scan result description is providing you the Javascript expression and objective. This would be looked at by a developer versed in Javascript to interpret. You can learn more about javascript objections and expressions at this link here,
Typically, if you’re using any Javascript based applications or plugins. You may simply need to update them inside your CMS tool.
I’ll keep you informed as to progress…
I the meantime, does anyone have any suggestions as to an alternate hosting company if I wanted to move from Bluehost and are there any other products I could use for site security other than SiteLock?
Regards
Jon
I use HostMonster - been a good hosting service for me - very responsive if I ever run into issues, which have been very few over last 5-6 years.
Hi Folks,
So here’s the fianl reply from SiteLock, not very helpful and a bit bullish. Listed for information only;
Thank you for your recent inquiry. We recommend having any vulnerability concern you may have reviewed by your website or application developer. The Vulnerability Scan is a feature of our security services. However we do not support your specific website or vulnerability issue. The recommendations provided previously may resolve the issue if you do look into performing updates. We are not able to remove the files from our scan database as it does pose a vulnerability.
Not sure there is anything that can be done with this, looks like I’m off to a new provider when this expires…
It sounds like they’re putting their replies through a few rounds of Google Translate.
FYI, the framework that uses those parameters is in PHP, not JavaScript…
Hi Jon,
I can highly recommend Westhost. www.westhost.com
I have been with them for close to ten years and the service has been perfect. They are in Salt Lake City, UT. They have 24/7 tech support and you can reach a real, live person via phone or chat, never having to wait more than a couple of minutes in a queue.
John
