Some SQL Injections Still Getting Through?
Hi,
Although this excellent and essential plug-in has certainly drastically reduced the incidence of SQL injections, it appears that some are still getting through. Here’s an example from my logs – this one was timed out before it took down MySQL (hence the “MySQL server has gone away” messages), but others have taken it down in the past:
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT option_value FROM as_options WHERE option_name = '_bbp_use_wp_editor' LIMIT 1 made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_header, locate_template, load_template, require_once('/themes/tarski/header.php'), wp_head, do_action('wp_head'), call_user_func_array, wp_print_styles, do_action('wp_print_styles'), call_user_func_array, ippy_bcq_add_scripts, get_option
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT p.id FROM as_posts AS p WHERE p.post_date < '2013-04-08 23:12:00' AND p.post_type = 'page' AND p.post_status = 'publish' ORDER BY p.post_date DESC LIMIT 1 made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_header, locate_template, load_template, require_once('/themes/tarski/header.php'), wp_head, do_action('wp_head'), call_user_func_array, adjacent_posts_rel_link_wp_head, adjacent_posts_rel_link, get_adjacent_post_rel_link, get_adjacent_post
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT p.id FROM as_posts AS p WHERE p.post_date > '2013-04-08 23:12:00' AND p.post_type = 'page' AND p.post_status = 'publish' ORDER BY p.post_date ASC LIMIT 1 made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_header, locate_template, load_template, require_once('/themes/tarski/header.php'), wp_head, do_action('wp_head'), call_user_func_array, adjacent_posts_rel_link_wp_head, adjacent_posts_rel_link, get_adjacent_post_rel_link, get_adjacent_post
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT option_value FROM as_options WHERE option_name = 'collapsArchStyle' LIMIT 1 made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_header, locate_template, load_template, require_once('/themes/tarski/header.php'), wp_head, do_action('wp_head'), call_user_func_array, collapsArch::get_head, collapsArch::set_styles, include('/plugins/collapsing-archives/collapsArchStyles.php'), get_option
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT t.*, tt.* FROM as_terms AS t INNER JOIN as_term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = 'nav_menu' AND t.term_id = 7 LIMIT 1 made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_header, locate_template, load_template, require_once('/themes/tarski/header.php'), th_header, do_action('th_header'), call_user_func_array, navbar_wrapper, th_navbar, do_action('th_navbar'), call_user_func_array, tarski_navbar, wp_nav_menu, wp_get_nav_menu_object, get_term
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT t.*, tt.* FROM as_terms AS t INNER JOIN as_term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = 'nav_menu' AND t.slug = '7' LIMIT 1 made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_header, locate_template, load_template, require_once('/themes/tarski/header.php'), th_header, do_action('th_header'), call_user_func_array, navbar_wrapper, th_navbar, do_action('th_navbar'), call_user_func_array, tarski_navbar, wp_nav_menu, wp_get_nav_menu_object, get_term_by
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT t.*, tt.* FROM as_terms AS t INNER JOIN as_term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = 'nav_menu' AND t.name = '7' LIMIT 1 made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_header, locate_template, load_template, require_once('/themes/tarski/header.php'), th_header, do_action('th_header'), call_user_func_array, navbar_wrapper, th_navbar, do_action('th_navbar'), call_user_func_array, tarski_navbar, wp_nav_menu, wp_get_nav_menu_object, get_term_by
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT * FROM as_posts WHERE (post_type = 'page' AND post_status = 'publish') AND ( ID <> 4 AND ID <> 3 ) ORDER BY menu_order ASC made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_header, locate_template, load_template, require_once('/themes/tarski/header.php'), th_header, do_action('th_header'), call_user_func_array, navbar_wrapper, th_navbar, do_action('th_navbar'), call_user_func_array, tarski_navbar, wp_nav_menu, call_user_func, tarski_default_navbar, wp_list_pages, get_pages
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT a.*, u.user_email, u.user_nicename, u.user_login, u.display_name FROM as_bp_activity a LEFT JOIN as_users u ON a.user_id = u.ID WHERE a.id IN (5252) AND a.type != 'activity_comment' ORDER BY a.date_recorded DESC LIMIT 0, 20 made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), the_content, apply_filters('the_content'), call_user_func_array, bp_replace_the_content, apply_filters('bp_replace_the_content'), call_user_func_array, BP_Activity_Theme_Compat->single_dummy_content, bp_buffer_template_part, bp_get_template_part, bp_locate_template, load_template, require('/plugins/buddypress/bp-templates/bp-legacy/buddypress/activity/single/home.php'), bp_has_activities, BP_Activity_Template->__construct, bp_activity_get_specific, BP_Activity_Activity::get
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT count(a.id) FROM as_bp_activity a USE INDEX (type) WHERE a.id IN (5252) AND a.type != 'activity_comment' ORDER BY a.date_recorded DESC made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), the_content, apply_filters('the_content'), call_user_func_array, bp_replace_the_content, apply_filters('bp_replace_the_content'), call_user_func_array, BP_Activity_Theme_Compat->single_dummy_content, bp_buffer_template_part, bp_get_template_part, bp_locate_template, load_template, require('/plugins/buddypress/bp-templates/bp-legacy/buddypress/activity/single/home.php'), bp_has_activities, BP_Activity_Template->__construct, bp_activity_get_specific, BP_Activity_Activity::get
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT user_id, user_login, display_name, user_email, user_url, user_registered, meta_key, meta_value FROM as_users, as_usermeta WHERE as_users.ID = as_usermeta.user_id AND meta_key = 'as_capabilities' AND user_status = 0 AND(meta_value like '%featured%' or meta_value like '%featured_member%') made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_sidebar, locate_template, load_template, require_once('/themes/tarski/sidebar.php'), th_sidebar, do_action('th_sidebar'), call_user_func_array, tarski_sidebar, dynamic_sidebar, call_user_func_array, MultiWidget->widget_callback, AuthorAvatarsWidget->widget, UserList->output, UserList->get_output, UserList->get_users, UserList->get_blog_users
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT * FROM as_links INNER JOIN as_term_relationships AS tr ON (as_links.link_id = tr.object_id) INNER JOIN as_term_taxonomy as tt ON tt.term_taxonomy_id = tr.term_taxonomy_id WHERE 1=1 AND link_visible = 'Y' AND ( tt.term_id = 3 ) AND taxonomy = 'link_category' ORDER BY link_name ASC made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_sidebar, locate_template, load_template, require_once('/themes/tarski/sidebar.php'), th_sidebar, do_action('th_sidebar'), call_user_func_array, tarski_sidebar, dynamic_sidebar, call_user_func_array, WP_Widget->display_callback, WP_Widget_MiniMeta->widget, minimeta_widget_display, call_user_func, MiniMetaWidgetParts::bookmarkscat_display, wp_list_bookmarks, get_bookmarks
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT t.*, tt.* FROM as_terms AS t INNER JOIN as_term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy IN ('category') ORDER BY t.name ASC made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_sidebar, locate_template, load_template, require_once('/themes/tarski/sidebar.php'), th_sidebar, do_action('th_sidebar'), call_user_func_array, tarski_sidebar, dynamic_sidebar, call_user_func_array, WP_Widget->display_callback, WP_Widget_Categories->widget, wp_list_categories, get_categories, get_terms
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT as_terms.slug, as_posts.ID, as_posts.post_name, as_posts.post_title, as_posts.post_author, as_posts.post_date, YEAR(as_posts.post_date) AS 'year', MONTH(as_posts.post_date) AS 'month' , as_posts.post_type FROM as_posts LEFT JOIN as_term_relationships ON as_posts.ID = as_term_relationships.object_id LEFT JOIN as_term_taxonomy ON as_term_taxonomy.term_taxonomy_id = as_term_relationships.term_taxonomy_id LEFT JOIN as_terms ON as_terms.term_id = as_term_taxonomy.term_id WHERE post_status='publish' AND as_posts.post_type='post' GROUP BY as_posts.ID ORDER BY as_posts.post_date DESC made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_sidebar, locate_template, load_template, require_once('/themes/tarski/sidebar.php'), th_sidebar, do_action('th_sidebar'), call_user_func_array, tarski_sidebar, dynamic_sidebar, call_user_func_array, WP_Widget->display_callback, collapsArchWidget->widget, collapsArch, list_archives
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT DISTINCT component FROM as_bp_activity ORDER BY component ASC made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_sidebar, locate_template, load_template, require_once('/themes/tarski/sidebar.php'), th_sidebar, do_action('th_sidebar'), call_user_func_array, tarski_sidebar, dynamic_sidebar, call_user_func_array, WP_Widget->display_callback, BP_SWA_Widget->widget, bp_swa_list_activities, swa_get_base_component_scope, swa_get_recorded_components, BP_Activity_Activity::get_recorded_components
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT a.*, u.user_email, u.user_nicename, u.user_login, u.display_name FROM as_bp_activity a LEFT JOIN as_users u ON a.user_id = u.ID WHERE a.is_spam = 0 AND a.component IN ( 'blogs' ) AND a.hide_sitewide = 0 AND a.type != 'activity_comment' ORDER BY a.date_recorded DESC LIMIT 0, 5 made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_sidebar, locate_template, load_template, require_once('/themes/tarski/sidebar.php'), th_sidebar, do_action('th_sidebar'), call_user_func_array, tarski_sidebar, dynamic_sidebar, call_user_func_array, WP_Widget->display_callback, BP_SWA_Widget->widget, bp_swa_list_activities, bp_has_activities, BP_Activity_Template->__construct, bp_activity_get, BP_Activity_Activity::get
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT count(a.id) FROM as_bp_activity a USE INDEX (component) WHERE a.is_spam = 0 AND a.component IN ( 'blogs' ) AND a.hide_sitewide = 0 AND a.type != 'activity_comment' ORDER BY a.date_recorded DESC made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_sidebar, locate_template, load_template, require_once('/themes/tarski/sidebar.php'), th_sidebar, do_action('th_sidebar'), call_user_func_array, tarski_sidebar, dynamic_sidebar, call_user_func_array, WP_Widget->display_callback, BP_SWA_Widget->widget, bp_swa_list_activities, bp_has_activities, BP_Activity_Template->__construct, bp_activity_get, BP_Activity_Activity::get
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT user_id, user_login, display_name, user_email, user_url, user_registered, meta_key, meta_value FROM as_users, as_usermeta WHERE as_users.ID = as_usermeta.user_id AND meta_key = 'as_capabilities' AND user_status = 0 AND(meta_value like '%administrator%' or meta_value like '%author%') made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_sidebar, locate_template, load_template, require_once('/themes/tarski/sidebar.php'), th_sidebar, do_action('th_sidebar'), call_user_func_array, tarski_sidebar, dynamic_sidebar, call_user_func_array, MultiWidget->widget_callback, AuthorAvatarsWidget->widget, UserList->output, UserList->get_output, UserList->get_users, UserList->get_blog_users
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT t.*, tt.* FROM as_terms AS t INNER JOIN as_term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy IN ('post_tag') AND tt.count > 0 ORDER BY tt.count DESC LIMIT 45 made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_sidebar, locate_template, load_template, require_once('/themes/tarski/sidebar.php'), th_sidebar, do_action('th_sidebar'), call_user_func_array, tarski_sidebar, dynamic_sidebar, call_user_func_array, WP_Widget->display_callback, WP_Widget_Tag_Cloud->widget, wp_tag_cloud, get_terms
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT t.*, tt.* FROM as_terms AS t INNER JOIN as_term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy IN ('link_category') AND ( t.term_id = 2 ) AND tt.count > 0 ORDER BY t.name ASC made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_sidebar, locate_template, load_template, require_once('/themes/tarski/sidebar.php'), th_sidebar, do_action('th_sidebar'), call_user_func_array, tarski_sidebar, dynamic_sidebar, call_user_func_array, WP_Widget->display_callback, WP_Widget_Links->widget, wp_list_bookmarks, get_terms
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT * FROM as_links INNER JOIN as_term_relationships AS tr ON (as_links.link_id = tr.object_id) INNER JOIN as_term_taxonomy as tt ON tt.term_taxonomy_id = tr.term_taxonomy_id WHERE 1=1 AND link_visible = 'Y' AND ( tt.term_id = 2 ) AND taxonomy = 'link_category' ORDER BY link_name ASC made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_sidebar, locate_template, load_template, require_once('/themes/tarski/sidebar.php'), th_sidebar, do_action('th_sidebar'), call_user_func_array, tarski_sidebar, dynamic_sidebar, call_user_func_array, WP_Widget->display_callback, WP_Widget_Links->widget, wp_list_bookmarks, get_bookmarks
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT DISTINCT component FROM as_bp_activity ORDER BY component ASC made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_footer, locate_template, load_template, require_once('/themes/tarski/footer.php'), th_fmain, do_action('th_fmain'), call_user_func_array, tarski_footer_main, dynamic_sidebar, call_user_func_array, WP_Widget->display_callback, BP_SWA_Widget->widget, bp_swa_list_activities, swa_get_base_component_scope, swa_get_recorded_components, BP_Activity_Activity::get_recorded_components
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT DISTINCT component FROM as_bp_activity ORDER BY component ASC made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_footer, locate_template, load_template, require_once('/themes/tarski/footer.php'), th_fmain, do_action('th_fmain'), call_user_func_array, tarski_footer_main, dynamic_sidebar, call_user_func_array, WP_Widget->display_callback, BP_SWA_Widget->widget, bp_swa_list_activities, swa_activity_filter_links, swa_get_activity_filter_links, swa_get_base_component_scope, swa_get_recorded_components, BP_Activity_Activity::get_recorded_components
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT a.*, u.user_email, u.user_nicename, u.user_login, u.display_name FROM as_bp_activity a LEFT JOIN as_users u ON a.user_id = u.ID WHERE a.is_spam = 0 AND a.component IN ( 'activity' ) AND a.hide_sitewide = 0 AND a.type != 'activity_comment' ORDER BY a.date_recorded DESC LIMIT 0, 5 made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_footer, locate_template, load_template, require_once('/themes/tarski/footer.php'), th_fmain, do_action('th_fmain'), call_user_func_array, tarski_footer_main, dynamic_sidebar, call_user_func_array, WP_Widget->display_callback, BP_SWA_Widget->widget, bp_swa_list_activities, bp_has_activities, BP_Activity_Template->__construct, bp_activity_get, BP_Activity_Activity::get
[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away for query SELECT count(a.id) FROM as_bp_activity a USE INDEX (component) WHERE a.is_spam = 0 AND a.component IN ( 'activity' ) AND a.hide_sitewide = 0 AND a.type != 'activity_comment' ORDER BY a.date_recorded DESC made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/tarski/index.php'), get_footer, locate_template, load_template, require_once('/themes/tarski/footer.php'), th_fmain, do_action('th_fmain'), call_user_func_array, tarski_footer_main, dynamic_sidebar, call_user_func_array, WP_Widget->display_callback, BP_SWA_Widget->widget, bp_swa_list_activities, bp_has_activities, BP_Activity_Template->__construct, bp_activity_get, BP_Activity_Activity::get
Are you able to come up with a way to stop this completely?
Viewing 11 replies - 1 through 11 (of 11 total)
- The topic ‘Some SQL Injections Still Getting Through?’ is closed to new replies.
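A triage sketch for logs like the one in the post, added here as an example (it is not part of the original thread and is not the plugin's code): it splits run-together PHP error-log text into entries, groups them by timestamp and error, and checks each query for injection-shaped text. The marker patterns are heuristics, and the third sample entry, with its `as_demo` table and `demo_lookup` caller, is constructed for contrast.

```python
import re
from collections import defaultdict

# Constructed sample in the PHP error-log format shown in the post. The last
# entry is invented for contrast; as_demo and demo_lookup are hypothetical.
SAMPLE_LOG = (
    "[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away "
    "for query SELECT option_value FROM as_options WHERE option_name = "
    "'_bbp_use_wp_editor' LIMIT 1 made by require('wp-blog-header.php'), get_option "
    "[06-May-2014 18:27:26 UTC] WordPress database error MySQL server has gone away "
    "for query SELECT DISTINCT component FROM as_bp_activity ORDER BY component ASC "
    "made by require('wp-blog-header.php'), swa_get_recorded_components "
    "[06-May-2014 18:31:02 UTC] WordPress database error You have an error in your "
    "SQL syntax for query SELECT * FROM as_demo WHERE id = 1 UNION SELECT 1,2,3-- - "
    "made by require('wp-blog-header.php'), demo_lookup"
)

# One entry = timestamp, error text, query, call chain; it ends at the next timestamp.
ENTRY = re.compile(
    r"\[(?P<ts>[^\]]+)\] WordPress database error (?P<error>.*?) for query "
    r"(?P<query>.*?) made by (?P<chain>.*?)(?=\s*\[\d{2}-\w{3}-\d{4} |\Z)",
    re.S,
)

# Heuristic markers of attacker-shaped SQL; absence is not proof of safety.
MARKERS = re.compile(
    r"union\s+(all\s+)?select|sleep\s*\(|benchmark\s*\(|information_schema"
    r"|--\s|/\*|;\s*(select|insert|update|delete|drop)\b",
    re.I,
)

# MySQL client errors that mean the connection dropped, whatever the query was.
CONNECTION_LOSS = ("MySQL server has gone away", "Lost connection to MySQL server")


def parse(log_text):
    """Split run-together log text into one dict per database error."""
    return [m.groupdict() for m in ENTRY.finditer(log_text)]


def triage(log_text):
    """Group entries by (timestamp, error) and label each group."""
    groups = defaultdict(list)
    for e in parse(log_text):
        groups[(e["ts"], e["error"])].append(e)
    report = []
    for (ts, error), entries in groups.items():
        flagged = [e["query"] for e in entries if MARKERS.search(e["query"])]
        if flagged:
            label = "review: query text contains injection markers"
        elif any(s in error for s in CONNECTION_LOSS):
            label = "connection lost; no injection markers in query text"
        else:
            label = "other database error"
        callers = sorted({e["chain"].split(", ")[-1] for e in entries})
        report.append({"ts": ts, "error": error, "count": len(entries),
                       "label": label, "flagged": flagged, "callers": callers})
    return report


if __name__ == "__main__":
    for row in triage(SAMPLE_LOG):
        print(row["ts"], row["count"], row["label"], row["callers"])
```

The `callers` field lists the last function in each call chain, which shows which theme or plugin issued the queries in a group.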