Forum: NGINX iFrame

Announcement (2017-05-07): is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see and for other Rails- und Ruby-related community platforms.
103e3ecb1c838c6c7e52a0ee12ee6e1a?d=identicon&s=25 Glen Lumanau (Guest)
on 2009-03-19 12:13
(Received via mailing list)
All my sites is being injected by a code

<iframe src="" width=1
height=1 style="visibility:hidden;position:absolute"></iframe><iframe
src="" width=1 height=1

Somebody has an issue like this? How can we solve it?
2e321cc0efe9422d37165e922298494e?d=identicon&s=25 Cliff Wells (Guest)
on 2009-03-19 17:33
(Received via mailing list)
On Thu, 2009-03-19 at 18:03 +0700, Glen Lumanau wrote:
What software are you running?  This should be reported to (and fixed
by) them.

103e3ecb1c838c6c7e52a0ee12ee6e1a?d=identicon&s=25 Glen Lumanau (Guest)
on 2009-03-19 18:25
(Received via mailing list)
I'm running 3 different CMS

1. Joomla
2. Wordpress MU
3. rayzz

All of them are infected at the same time
561c2fb6d0c72e0c7bc52b263c7d56c3?d=identicon&s=25 Merlin (Guest)
on 2009-03-19 20:23
(Received via mailing list)

There isn't currently a module in NginX which addresses this, and there
some good reasons why even if there were you should still need to fix
at the application level.  You probably (but not necessarily) have
misconfigured, old, or compromised versions of these as they are
HTML entities from user input.

Minimally, you should check your settings for each system and turn off
in comments or whatever fields they are using to input.  You should
do a fresh install of the latest version of each one (if possible) and
sure HTML is off after that.

Good luck!
- Merlin
This topic is locked and can not be replied to.