Wordpress Themes - WP Forum at BFA
There will be no more development for Atahualpa (or any other theme), and no support. Also no new registrations. I turned off the donation system. I may turn the forum to read only if it gets abused for spam. Unfortunately I have no time for the forum or the themes. Thanks a lot to the people who helped in all these years, especially Larry and of course: Paul. Take care and stay healthy -- Flynn, Atahualpa developer, Sep 2021

Wordpress Themes - WP Forum at BFA » WordPress Themes » Atahualpa 3 Wordpress theme » New Versions, & Updating »

[SOLVED] Website Defender Alert: Source code disclosure


  #1  
Old Oct 26, 2011, 01:37 PM
db65
 
3 posts · Oct 2011
Canada
Hi,
First, thanks for a great theme. I've been using Atahualpa for a few years and enjoy how easy it is to build a good looking site. But, alas, I've recently been receiving a repeat warning from Website Defender and cannot figure out how to fix it (nor if it's actually a serious problem to worry about).

The error:
Quote:
Source code patterns were found on this page. The source code of server-side scripts helps an attacker to better understand the logic behind the Web application and may help him conduct further attacks.

Alert details
URL http://dailybayonet.com/?m=200702
Source code <?php bloginfo('template_directory');?>
There is a large number of these alerts, all pointed to items like Monthly post archives, Post categories etc.

I Googled for a solution (which led me here) and found an older thread that suggested the ATO settings for Configure CSS & JS should be set to inline, not external. I checked and mine is set to Inline. I tried switching the Debugging from No to Yes and back again, but am still getting the warning from Website Defender. So I'm out of ideas.

I've got Atahualpa 3.7.1 on a self-hosted Wordpress 3.2.1 with BlueHost. The url is shown in the error above.

I should note I'm not familiar with coding, if you could bear that in mind with any response, it'd probably reduce the number of times my head interfaces with the desk.
  #2  
Old Oct 26, 2011, 01:49 PM
juggledad's Avatar
juggledad
 
23,765 posts · Mar 2009
OSX 10.11.5 WP 4.x Atahualpa(all) Safari, Firefox, Chrome
go to ATO->Style POSTS & PAGES->POST Container: STICKY and change the line
HTML Code:
background: #eee url('<?php bloginfo('template_directory'); ?>/images/sticky.gif') 99% 5% no-repeat;
to
HTML Code:
background: #eee url(http://http://yourdomain.com/wp-content/themes/atahualpa371//images/sticky.gif') 99% 5% no-repeat;
where 'your domain.com' is your domain
__________________
"Tell me and I forget, teach me and I may remember, involve me and I learn." - Benjamin Franklin
Juggledad | Forum Moderator/Support
  #3  
Old Oct 26, 2011, 02:26 PM
db65
 
3 posts · Oct 2011
Canada
Thanks for the swift response Juggledad.

I applied your fix, but noticed that the theme is now left-aligning pictures in posts and that the navigation tabs that were at the top of each page are now a horizontal list of links.

Is there a way to fix that?
  #4  
Old Oct 26, 2011, 02:36 PM
juggledad's Avatar
juggledad
 
23,765 posts · Mar 2009
OSX 10.11.5 WP 4.x Atahualpa(all) Safari, Firefox, Chrome
sorry get rid of the last single quote so you have
HTML Code:
background: #eee url(http://http://yourdomain.com/wp-content/themes/atahualpa371//images/sticky.gif) 99% 5% no-repeat;
ie sticky.gif') should just be sticky.gif)
__________________
"Tell me and I forget, teach me and I may remember, involve me and I learn." - Benjamin Franklin
Juggledad | Forum Moderator/Support
  #5  
Old Oct 26, 2011, 02:44 PM
db65
 
3 posts · Oct 2011
Canada
Thank you, it's all back as it was now. Who knew a ' could be so pesky?

Bookmarks

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes


Similar Threads
Thread Thread Starter Forum Replies Last Post
Source code disclosure kletskater New Versions, & Updating 2 Oct 16, 2011 01:55 PM
?bfa_ata_file=css Source Code Disclosure KatyDigg New Versions, & Updating 3 Jul 11, 2011 03:38 AM
Problem with editing source code... RJelley Atahualpa 3 Wordpress theme 5 Mar 22, 2011 12:05 PM
[SOLVED] Source code prooffairy Plugins & Atahualpa 2 Nov 9, 2010 09:12 AM
Output HTML source code is bloated islandman Header configuration & styling 3 Sep 18, 2009 09:38 AM


All times are GMT -6. The time now is 02:02 PM.


Powered by vBulletin® Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.