Canalplan Bug Tracker



Anonymous Login
2019-02-17 16:13 GMT

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0000420Canalplan [All Projects] Server Configurationpublic2019-01-31 19:29
ReporterNick Atty 
Assigned ToStephen Atty 
PrioritynormalSeverityminorReproducibilityN/A
StatusresolvedResolutionfixed 
PlatformGenericOSN/AOS VersionN/A
Product VersionProduct Build 
Target VersionFixed in Version 
Summary0000420: Auto-block very popular SQL injection test
DescriptionWe get several attempts a week to break various things by appending '0=1 to the URL. Put something in .htaccess to just throw that all into the bin (and auto-block?)

The latest one is from US firm https://www.centurylink.com - so just blocking China and Russia isn't enough (but heavens it helps!).
TagsNo tags attached.
Attached Files

-Relationships
+Relationships

-Notes

~0001820

Stephen Atty (administrator)

Rule put into .htaccess to return new agreed error code so we can firewall it.

~0002118

Stephen Atty (administrator)

We banned a lot - looks like its now stopped
+Notes

-Issue History
Date Modified Username Field Change
2018-03-18 09:47 Nick Atty New Issue
2018-06-17 21:59 Stephen Atty Note Added: 0001820
2018-06-17 21:59 Stephen Atty Assigned To => Stephen Atty
2018-06-17 21:59 Stephen Atty Status new => assigned
2019-01-31 19:29 Stephen Atty Status assigned => resolved
2019-01-31 19:29 Stephen Atty Resolution open => fixed
2019-01-31 19:29 Stephen Atty Note Added: 0002118
+Issue History