Possible hacking attempt -error_log

A place for users and developers of the Xataface to discuss and receive support.

Possible hacking attempt -error_log

Postby mermentau » Wed Nov 28, 2012 7:31 pm

I have the latest stable release version and my error_log in the application gets lots of this error:
Session address does not match the remote address. Possible hacking attempt. Session address was '', User address was '::ffff:453b:2840'
I don't really suspect hacking and am guessing it's some kind of config error. I've done a good bit of searching and found nothing relating.
mermentau
 
Posts: 14
Joined: Tue Nov 20, 2012 9:26 am

Re: Possible hacking attempt -error_log

Postby shannah » Fri Nov 30, 2012 4:54 am

Xataface checks to make sure that multiple requests for the same session come from the same IP address. Unfortunately it seems to be broken with IPv6..

You can disable this (and I recommend you do until it is fixed) by adding the following to the beginning of your conf.ini file:
Code: Select all
disable_session_ip_check=1


-Steve
--
Steve Hannah
@shannah78 (on twitter)
sjhannah.com blog
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm

Re: Possible hacking attempt -error_log

Postby mermentau » Fri Nov 30, 2012 3:17 pm

That sounds easy enough. Thanks
mermentau
 
Posts: 14
Joined: Tue Nov 20, 2012 9:26 am


Return to Xataface Users

Who is online

Users browsing this forum: No registered users and 25 guests

cron
Powered by Dataface
© 2005-2007 Steve Hannah All rights reserved