One of the perks (read… problems), of being someone who looks after their own Website, is from time to time you break it, and have to figure out the problem you caused in order to work around it. Or simply not do it again the next time.
Here’s the quick problem I encountered today, I haven’t found a solution yet, as I only just received it when typing this
I noticed that bots are scraping my Website from somewhere that is generating SQL Injection links, they’re coming up as 404 errors in my statistics, which is bloody annoying to say the least. The good side is the attacks are failing, bad side is my stats look horrible, and it’s annoying.
The queries are being run on my Blog and my Store.
I wanted to disable the Magento search because at this moment in time I have no use for it since my site is only small scale. Probably never will, should make it harder
Now…. the problem.
In order to disable Magento Search, the recommended approach is to change the relevant XML file under your store folder
The module you need to change is
/storefolder/app/etc/modules/Mage_All.xml
Inside this there is some content (below), you’re meant to change the word true to false, and this then disables it.
<Mage_CatalogSearch>
<active>true</active>
<codePool>core</codePool>
<depends>
<Mage_Catalog/>
</depends>
</Mage_CatalogSearch>
After you’ve done the change in code, you’re meant to flush the Magento Cache to disable the search option. After I did this however I received an error where I couldn’t even access the admin panel of the site.
Now. The problem I’ve found is that this breaks the site (I’m guessing a dependancy).
Luckily as I had only just done the change, I reverted it back which fixed it instantly. Now to find out the best way to resolve this. I’m going to be installing a backup copy of my Website in my site development offline. This will then allow me to play with Magento and break it to find out how it works, and also how to modify the site templates, so that the site looks like how I want it to
Just a future note to anyone who breaks their site and forgets what they’ve done to fix it
