Hi All, I am using Umbraco 4.7 (No plans to upgrade). Recently there is
security scan for the web site. The scan show the server network IP information bolded below.
Aroudn two year ago some security issues were unfortunately found across releases so security patched versions were released, since then other issues have been found as well - So perhaps you can solve the issue by applying the patched version of Umbraco 4.7.x? You can find the specific patched version of 4.7.x at http://code.leekelleher.com/umbraco/archive/ under the "Security updates" headline.
You can read more about it all at these links, which are also mentioned on the page I referred above.
Do you get this information when you trace is added to the page? For example with umbdebugshowtrace? You can disable that by setting umbracoDebugMode to false in the web.config.
Hide Server IP information
Hi All, I am using Umbraco 4.7 (No plans to upgrade). Recently there is security scan for the web site. The scan show the server network IP information bolded below.
<td>umbracoURL</td><td>System.String</td><td> xx.xx.xx.3:443/admin</td>
I have checked the Database and configure file. Was not able to find the specific field to hide the information.
Please help.
Hi Syves and welcome to our :)
Aroudn two year ago some security issues were unfortunately found across releases so security patched versions were released, since then other issues have been found as well - So perhaps you can solve the issue by applying the patched version of Umbraco 4.7.x? You can find the specific patched version of 4.7.x at http://code.leekelleher.com/umbraco/archive/ under the "Security updates" headline.
You can read more about it all at these links, which are also mentioned on the page I referred above.
http://umbraco.com/follow-us/blog-archive/2013/5/1/security-update-two-major-vulnerabilities-found
http://umbraco.com/follow-us/blog-archive/2014/5/20/major-vulnerability-in-umbraco-450-through-470-fixed.aspx
http://umbraco.com/follow-us/blog-archive/2014/5/23/security-update-one-more-major-issue-fixed-in-470-through-4711.aspx
http://umbraco.com/follow-us/blog-archive/2014/7/21/security-issues-found-in-umbraco-4,-6-and-7.aspx
Hope this helps.
/Jan
Do you get this information when you trace is added to the page? For example with umbdebugshowtrace? You can disable that by setting umbracoDebugMode to false in the web.config.
Jeroen
is working on a reply...