We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
MODX Community Forums Archive

Reflect RFI Exploit

  • Ryan Thrash Reply #1, 15 years, 4 months ago
    It has come to our attention that it’s possible to compromise some sites with specific server configurations via the reference copy of the Reflect snippet installed by default at /assets/snippets/reflect/snippet.reflect.php

    A temporary solution is to simply rename this file with a .txt extension in your website. We are working on confirming a permanent solution and will update this post as soon as possible with more details.

    For more information see the Secunia advisory and the discussion on our forums.


      Ryan Thrash, MODX Co-Founder
      Follow me on Twitter at @rthrash or catch my occasional unofficial thoughts at thrash.me
    • Ryan Thrash Reply #2, 15 years, 4 months ago
      The permanent solution is in fact to simply rename the reference snippet with a .txt extension or to remove them completely. They were included as a reference, and they have been removed from the current download distribution on the site.
        Ryan Thrash, MODX Co-Founder
        Follow me on Twitter at @rthrash or catch my occasional unofficial thoughts at thrash.me

      This discussion is closed to further replies. Keep calm and carry on.