Broken Access Control Vulnerability (Linux server)

Say the URL of the site is:
http://www.techyman.com

The affected URL is:
http://www.techyman.com/admin/doAdminStuffs_1.html
http://www.techyman.com/admin/doAdminStuffs_2.html

Say there are two types of users on the techyman website, "producers" and "consumers".

A consumer is able to access the site by putting a header/URL parameter called link=doAdminStuffs_1.
How do I fix this issue?

So you need a mechanism to identify the difference between the two types of user.

What kind of website is it? Is it to be a forum?

Regardless, you either need to use a Content Management System (CMS) or a forum management system, and one of the main functions of such a software suite is to control access rights. If you are not going to use such building-block software, then you will have to write your own.

At a minimum, administrative user(s) need to authenticate.

Please provide more detail of what you are trying to achieve overall.

1 Like
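The answer above describes the fix in general terms: the server must know which kind of user is making the request and must not let a client-supplied value such as `link=doAdminStuffs_1` decide by itself. The following is an added example, not code from the thread or from the techyman site, showing the broken pattern beside a hardened one. It assumes a server-side session store keyed by an opaque cookie token, and the session tokens, usernames and page-to-role table are constructed for the example.

```python
from urllib.parse import parse_qs

# Constructed data (assumption, not from the thread): a server-side session
# store. Only the opaque token ever reaches the browser; the role is looked
# up here and is never read from anything the client sends.
SESSIONS = {
    "s-3f9a": {"user": "alice", "role": "producer"},
    "s-71c2": {"user": "bob", "role": "consumer"},
}

# Admin pages reachable through the "link" parameter and the role each
# requires (constructed: only producers may use the admin pages).
ADMIN_PAGES = {
    "doAdminStuffs_1": "producer",
    "doAdminStuffs_2": "producer",
}


def parse_request(query, cookie_header=""):
    """Turn 'link=doAdminStuffs_1' and 'session=s-3f9a' into dicts."""
    params = {k: v[0] for k, v in parse_qs(query).items()}
    cookies = {}
    for part in cookie_header.split(";"):
        if "=" in part:
            k, v = part.strip().split("=", 1)
            cookies[k] = v
    return params, cookies


def vulnerable_handler(query, cookie_header=""):
    """Broken access control: whoever sends link=<page> is served the admin page.

    No authentication and no role check; this is the situation the question
    describes, where a consumer reaches /admin/doAdminStuffs_1.html.
    """
    params, _ = parse_request(query, cookie_header)
    page = params.get("link")
    if page in ADMIN_PAGES:
        return 200, f"/admin/{page}.html"
    return 404, "not found"


def fixed_handler(query, cookie_header=""):
    """Authorisation is decided from the server-side session, never from request data.

    Order of checks: unknown page -> 404; no valid session -> 401 (must log in);
    valid session but wrong role -> 403; otherwise serve the page.
    """
    params, cookies = parse_request(query, cookie_header)
    page = params.get("link")
    if page not in ADMIN_PAGES:
        return 404, "not found"
    session = SESSIONS.get(cookies.get("session"))
    if session is None:
        return 401, "authentication required"
    # A client-supplied "role=producer" parameter is simply ignored; the
    # role used below comes only from the server-side session record.
    if session["role"] != ADMIN_PAGES[page]:
        return 403, "forbidden"
    return 200, f"/admin/{page}.html"


if __name__ == "__main__":
    # Anyone reaches the admin page through the vulnerable handler.
    print(vulnerable_handler("link=doAdminStuffs_1"))
    # The same request against the fixed handler: no session, a consumer
    # session, a consumer session that also claims role=producer, and a
    # genuine producer session.
    print(fixed_handler("link=doAdminStuffs_1"))
    print(fixed_handler("link=doAdminStuffs_1", "session=s-71c2"))
    print(fixed_handler("link=doAdminStuffs_1&role=producer", "session=s-71c2"))
    print(fixed_handler("link=doAdminStuffs_1", "session=s-3f9a"))
```

One caveat for the static `.html` URLs in the question: this check only helps if every request for `/admin/...` actually passes through the handler. If the web server serves files under `/admin/` directly from disk, the check is bypassed by requesting the file URL, so the directory must be excluded from static serving (or moved outside the document root) and the check applied on the route that serves it.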

This is all the information that I have. I got someone to do a Vulnerability Assessment and Penetration Test of my website, and that's all they've told me. I should've asked them, but they've already done their job and gone.
