"Fatal error" showing database name & password…
-
Yep, that’s it, database name & password inside the public error message.
Recently, and after a Facebook campaign, many users were on my website at the same time, and the website just crashed and show me that kind of message (related to your plugin), with my DB name and DB password inside !!! What the hell seriously? The plugin is supposed to protect my website, and it shows my DB name and password when the website crash for too many users on it! Awesome, really.
I know when you have a lot of visits the website can crash, but that time the message is directly related to your plug in and the OSE Firewall. Here is the message I saw instead of my website :
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY000] [1040] Too many connections' in /public_html/xxxxxxxxx/wp-content/plugins/ose-firewall/classes/Library/oseFirewallBase.php:429 Stack trace: #0 /public_html/xxxxxxxxx/wp-content/plugins/ose-firewall/classes/Library/oseFirewallBase.php(429): PDO->__construct('mysql:host='MY SERVER ADRESS', 'MY DATABASE NAME', 'MY DATABASE PASSWORD') #1 /public_html/xxxxxxxxx/wp-content/plugins/ose-firewall/classes/Library/oseFirewallBase.php(419): oseFirewallBase->checkOseConfig('debugMode', 'scan') #2 /public_html/xxxxxxxxx/wp-content/plugins/ose-firewall/classes/Library/oseFirewallWordpress.php(34): oseFirewallBase->getDebugMode() #3 /public_html/xxxxxxxxx/wp-content/plugins/ose-firewall/ose_wordpress_firewall.php(42): oseFirewall->__construct() #4 /public_html/xxxxxxxxx/wp-settings.php(215): include_once('/public_html/xxxxxxxxx') #5 /public_html/xxxxxxxxx/wp-config.php(97): require_once('/public_html/xxxxxxxxx') #6 /public_html/xxxxxxxxx/wp-load.php(29): require_once('/public_html/xxxxxxxxx') #7 /public_html/xxxxxxxxx in /public_html/xxxxxxxxx/wp-content/plugins/ose-firewall/classes/Library/oseFirewallBase.php on line 429
What the hell?? And most of all, how can I fix this? My Centrora plugin is updated but I really don’t know if I must keep it regarding that very serious vulnerability I saw today…
Thanks by advance for your help, and I hope, a way to fix this. Of course I changed my password but well… that’s a serious bug.
- The topic ‘"Fatal error" showing database name & password…’ is closed to new replies.