Discuss the BigJimny Shop and Website in this section. Whats good, whats bad, whats ugly! - what would you like to see!
Updated security
- Daniel30
- Visitor
-
Public
25 Jan 2016 23:04 #161206
by Daniel30
Replied by Daniel30 on topic Updated security
I'm only getting bits of messages to :blink:
Please Log in or Create an account to join the conversation.
26 Jan 2016 09:33 - 26 Jan 2016 09:34 #161210
by mlines
Martin
2003 M13 early KAP build.
3" Trailmaster lift with 1.5 Spacers on front
Customised winch bumper and roll cage
235/85R16 Maxxis Bighorns on 16" Rims, 4:1 Rocklobster, Rear ARB locker and on-board air
Corrected arms all-round, rear disks, Recaro seats and harnesses
Replied by mlines on topic Updated security
Its a fine juggling act.
Yesterday I changed a setting as we were getting too many automatic bans. Now instead of banning you it is removing the element that it considers to be an attack, therefore you seem to be seeing messages with bits missing rather than a "you have been banned" message.
I get an automatic report.
Looking through the report for yesterday it appears to be very sensitive to the brackets symbols () and the / and \ symbols within messages.
This is because these are characters used to attempt directory traversals on the website and MySQL injection attacks.
Please bear with me with the pain.
BigJimny is an interactive site, you can post into the forum, you can buy from the shop and you can discuss and interact with the main pages. This means it is attractive to attack as this ability to post onto the site can give a doorway to the interior.
For example, the logs for yesterday show 6 strong genuine attacks (repelled) plus around 10 minor ones, the minor ones seem to be roughly 50% incorrectly identified such as when it was removing bits from your messages.
Martin
Yesterday I changed a setting as we were getting too many automatic bans. Now instead of banning you it is removing the element that it considers to be an attack, therefore you seem to be seeing messages with bits missing rather than a "you have been banned" message.
I get an automatic report.
Looking through the report for yesterday it appears to be very sensitive to the brackets symbols () and the / and \ symbols within messages.
This is because these are characters used to attempt directory traversals on the website and MySQL injection attacks.
Please bear with me with the pain.
BigJimny is an interactive site, you can post into the forum, you can buy from the shop and you can discuss and interact with the main pages. This means it is attractive to attack as this ability to post onto the site can give a doorway to the interior.
For example, the logs for yesterday show 6 strong genuine attacks (repelled) plus around 10 minor ones, the minor ones seem to be roughly 50% incorrectly identified such as when it was removing bits from your messages.
Martin
Martin
2003 M13 early KAP build.
3" Trailmaster lift with 1.5 Spacers on front
Customised winch bumper and roll cage
235/85R16 Maxxis Bighorns on 16" Rims, 4:1 Rocklobster, Rear ARB locker and on-board air
Corrected arms all-round, rear disks, Recaro seats and harnesses
Last edit: 26 Jan 2016 09:34 by mlines.
The following user(s) said Thank You: Daniel30
Please Log in or Create an account to join the conversation.
- gusthegorilla
- Visitor
-
Public
26 Jan 2016 11:59 #161217
by gusthegorilla
Replied by gusthegorilla on topic Updated security
Good answer, Martin!!!
Understanding the problem is half the battle...thank you
Understanding the problem is half the battle...thank you
Please Log in or Create an account to join the conversation.
- Daniel30
- Visitor
-
Public
03 Feb 2016 08:53 #161768
by Daniel30
Replied by Daniel30 on topic Updated security
Hi Martin
I keep getting a message saying my ip address has been blocked when I try to send a pm to someone never had a problem before
Cheers
Daniel
I keep getting a message saying my ip address has been blocked when I try to send a pm to someone never had a problem before
Cheers
Daniel
Please Log in or Create an account to join the conversation.
03 Feb 2016 09:25 #161771
by mlines
Martin
2003 M13 early KAP build.
3" Trailmaster lift with 1.5 Spacers on front
Customised winch bumper and roll cage
235/85R16 Maxxis Bighorns on 16" Rims, 4:1 Rocklobster, Rear ARB locker and on-board air
Corrected arms all-round, rear disks, Recaro seats and harnesses
Replied by mlines on topic Updated security
What is your IP address?
What is the exact text?
The system is not currently reporting any blocks to me
What is the exact text?
The system is not currently reporting any blocks to me
Martin
2003 M13 early KAP build.
3" Trailmaster lift with 1.5 Spacers on front
Customised winch bumper and roll cage
235/85R16 Maxxis Bighorns on 16" Rims, 4:1 Rocklobster, Rear ARB locker and on-board air
Corrected arms all-round, rear disks, Recaro seats and harnesses
Please Log in or Create an account to join the conversation.
- Daniel30
- Visitor
-
Public
03 Feb 2016 10:02 #161772
by Daniel30
Replied by Daniel30 on topic Updated security
I will email you a screen shot
Many thanks
Many thanks
Please Log in or Create an account to join the conversation.
Time to create page: 0.172 seconds