The Misc Script Disabler extension for Magento will disable all potential fields that could execute malicious code.
OverviewBack to top
Magento has a few fields in the Admin Panel that accept arbitrary code that is then being rendered either in the footer or header on each page load. Hackers try to exploit this by inserting malicious code into these field, executing it unknowingly to the user. This is where the Misc Script Disabler extension comes in. It will disable all the potential fields that could execute malicious code.
This includes the fields:
All the fields can be found in the admin under: System->Configuration->General->Design
- The extension will nullify the Miscellaneous Scripts and Miscellaneous HTML, the Copyright field will only be disabled if potential code is detected. So you are still able to add a copyright to your site.
- Optionally, the extension can notify you every 24 hour if any of the 3 fields have been tampered with. The notification will continue until the code has been removed from the fields.
Release NotesBack to top
- Compatible with CE: 1.9 1.9.1 1.9.2 1.9.3
- Stability: Stable Build