You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I get a lot of attacks using the X-Forwarded-For header, i.e.: }__test|O:21:"JDatabaseDriverMysqli":3:{s:2:"fc";O:17:"JSimplepieFactory":0:{}s:21:"\0\0\0disconnectHandlers";a:1:{i:0;a:2:{i:0;O:9:"SimplePie":5:{s:8:"sanitize";O:20:"JDatabaseDriverMysql":0:{}s:8:"feed_url";s:56:"die(md5(DIRECTORY_SEPARATOR));JFactory::getConfig();exit";s:19:"cache_name_function";s:6:"assert";s:5:"cache";b:1;s:11:"cache_class";O:20:"JDatabaseDriverMysql":0:{}}i:1;s:4:"init";}}s:13:"\0\0\0connection";b:1;}�
This produces a 500 error in AttackBlocker.php on line 450: gethostbyaddr(): Address is not a valid IPv4 or IPv6 address
Can we handle the error to avoid the 500? Also, could we add an option to firewall these attackers? Although, given the fake X-Forwarded-For we would have to use a different method of determining their IP.
The text was updated successfully, but these errors were encountered:
I get a lot of attacks using the X-Forwarded-For header, i.e.:
}__test|O:21:"JDatabaseDriverMysqli":3:{s:2:"fc";O:17:"JSimplepieFactory":0:{}s:21:"\0\0\0disconnectHandlers";a:1:{i:0;a:2:{i:0;O:9:"SimplePie":5:{s:8:"sanitize";O:20:"JDatabaseDriverMysql":0:{}s:8:"feed_url";s:56:"die(md5(DIRECTORY_SEPARATOR));JFactory::getConfig();exit";s:19:"cache_name_function";s:6:"assert";s:5:"cache";b:1;s:11:"cache_class";O:20:"JDatabaseDriverMysql":0:{}}i:1;s:4:"init";}}s:13:"\0\0\0connection";b:1;}�This produces a 500 error in AttackBlocker.php on line 450:
gethostbyaddr(): Address is not a valid IPv4 or IPv6 addressCan we handle the error to avoid the 500? Also, could we add an option to firewall these attackers? Although, given the fake X-Forwarded-For we would have to use a different method of determining their IP.
The text was updated successfully, but these errors were encountered: