How To Truly Delete Pages in MODx

MODx is an excellent AJAX enabled content management system, which is leagues ahead of Joomla / Mambo. One of the features of MODx is that pages aren't fully deleted. They are marked as deleted (displayed as strike-through items) and they are not displayed on the web. However they still remain in the database. This is a great feature to prevent accidental deletion. However sometimes you really need to delete pages to reduce the clutter and prevent conflicting aliases. Here is how you can truly (and irrevocably) delete pages from the database.

Full article (207 words) »

Security Vulnerability: Firewall Site Exposes Sensitive Data Through phpMyAdmin

I was looking for the wiki of a popular Linux based firewall site. The main url was 404, so I went up one level hoping to find a new url. Suddenly I had a directory listing with interesting files and a link to phpMyAdmin. Wondering how a firewall site maintains its own security, I clicked on phpMyAdmin, fully expecting a password prompt.

Surprisingly I found phpMyAdmin of the site to be openly accessible to all. It showed several databases including but not limited to bugtracker, wiki, drupal and one that looked like invoice database. I dared not venture further. I immediately sent an email to the only contact email I found in their old documentation. It is really scary.
Full article (309 words) »
Protected by Comment Guard Pro