cms, content management, content management system, content management systems, content management software, designers, web designer, web site owner, web site content management, web content management software, ecommerce, web content, Sheffield, Yorkshire, UK

Fooshy�CMS, Content Management System - cheap, feature rich, expandable and flexible content management system for web designers and web site owners.

Fooshy® is an expandable and flexible content management system aimed at web designers and web site owners. Dynamic sites, full of content can quickly and easily be created without the need for any programming skills. Fooshy comes with an easy to use Web Content Administration system with built in management for documents, images and streamed media, and provides all the components required to build and manage content rich, attractive websites with the ease of creating a word document.

September 2010 - IMPORTANT ANNOUNCEMENT - SECURITY RISK

Microsoft recently released a Security Advisory notice, highlighting a vulnerability in ASP.NET. Fooshy is developed in ASP.NET and it is therefore important you read the following information.

An attacker who exploited the vulnerability, could gain access to information stored within the Viewstate or Web.config file. Fooshy does not store any sensitive information in Viewstate, however, it does make use of the Web.config file for storing information. Full details (including a temporary workaround) can be found at the following address...

http://www.microsoft.com/technet/security/advisory/2416728.mspx

Fooshy is written using the .NET framework 1.1 and therefore the relevant workaround is as follows. Please Note: If your website is hosted with us, we have already taken the liberty of applying this fix to your site.

 - Open the web.config file which sits at the root of the application, in any suitable application (Notepad is just fine)

 - Find the following line in your web.config file...

</appSettings>

 - After this line, add the following code

<location allowOverride="false">
  <system.web>
    <customErrors mode="On" defaultRedirect="~/error.html" />
  </system.web>
</location>

 - There may already exist a line in your copy of web.config regarding customErrors, such as...

<customErrors mode="Off" />

 ...if so, comment out this line by adding <!-- and --> at the beginning and end of the line, e.g.

<!--<customErrors mode="Off" />-->

 - Save the web.config file. Create a text file named error.html containing a generic error message.

 - Upload both files to the live website environment.


Return to main news page