Page 1 of 1

AvLab secure Bot-System watch robot destination of component

Posted: Tue Dec 30, 2008 12:12 pm
by info_man
for joomla 1.0.*
bot stops performing the component
if sees in get or post request forbidden (for some groups of the users) of importance

System watch robot destination:
forbid the access to internal command component, for certain groups of the users. For instance request option=com_xxx&task=xxx
here task=xxx this and there is internal command of the component. Rules of the filling:
for determined by you groups contribute forbidden actions inwardly component, for each component to begin rule it is necessary with new line:
com_xxx:task,xxx xxx,xxx xxx,xxx
com_xxx:task,xxx xxx,xxx xxx,xxx

if you want to forbid access to component completely for determined by groups
that simply insert name of the component in given group (approximately so : com_xxx:)
example of the filling for component com_content groups Registered:
com_contact:task,edit task,delete
here we have forbidden the access in component com_contact to command task=edit, task=delete.

bot can work in admin cp
to worked in admin it is necessary in file index2.php to add line
$_MAMBOTS->loadBotGroup( 'system' );
$_MAMBOTS->trigger( 'onAfterStart' );
right after $my = $mainframe->initSessionAdmin( $option, $task ); well or where you itself want :)