Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • K.Garrein 164 posts 629 karma points
    Mar 01, 2016 @ 09:29
    K.Garrein
    0

    Securing backend services

    Hey.

    We were asked by a client to secure the webservices that are available at /umbraco/webservices/codeEditorSave.asmx

    Why are those publicly available? Apparently you don't need to login to the backend to access them?

    Any tips and suggestions are welcome.

    Thank you. Kris.

  • M T 35 posts 212 karma points
    Mar 01, 2016 @ 16:34
    M T
    0

    Hi Kris

    Think of these pages as a nice "README" you can lock them down if you want . I know they look bad but they are harmless from what I can see, you cant actually upload anything via the forms, theyr'e just there for testing purposes and if you try and access them from a another machine you will get the message "The test form is only available for requests from the local machine." I don't think this is anything to worry about. It's very rare that something like that would slip under the radar.

    Regards M

Please Sign in or register to post replies

Write your reply to:

Draft