Forum

Ban on garbage when upgrade to 9.5

Luis Flores
30 April 2014, 19:05
Hi,

We recently upgraded to 9.5, and after it some forms that send data using POST were started to generate garbage ban, these forms were ok in version 9.4. We rollback to 9.4 and they are working fine.

Also we add our IP to allow, but still is our ip banned due to garbage.

I am anexing a post marked as garbage, placing some xxxxx for some personal information fields.

79.205.192.158|Wed 30 Apr 2014 16:14:44 +0200|Total=10.80&Currency=EUR&TransID=4
053938&SiteID=005&BillingFirstnames=xxxxxx+&BillingSurname=xxxxxxx+xxxxxx&Billing
Address1=an+der+lither+xxxx&BillingAddress2=&BillingCity=Stassfurt&BillingPostCode=
xxxxxx&BillingCountry=DE&BillingPhone=4915204253305&DeliveryFirstnames=&DeliveryS
urname=&DeliveryAddress1=&DeliveryAddress2=&DeliveryCity=&DeliveryPostCode=&Deli
veryCountry=724&DeliveryState=0&DeliveryPhone=&CustomerEMail=xxxxxxxx%40t-online
.de&ReturnURLOK=http%3A%2F%2Fwww.recargasacuba.com%2Fuc_vspay%2Freturn_ok&Return
URLCancel=http%3A%2F%2Fwww.recargasacuba.com%2Fuc_vspay%2Freturn_ko&PostURL=http
%3A%2F%2Fwww.recargasacuba.com%2F%2Fuc_vspay%2Fpost&Signature=EA90DCA8F4B4EF0549
285651555A4D72B86181C5&op=Enviar+pedido&form_build_id=form-0cc67ebd271e4d3d920c6
f650a9d80db&form_token=004375f4d7f4384fa35fdc090bbc5f96&form_id=uc_vspay_formGET
/favicon.ico HTTP/1.1
Host: secure.virtualscape.es
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:28.0) Gecko/20100101 Firefox/
28.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=3fmbt8vvuv1olb8ihnr8gmaot7
Connection: keep-alive


Hiawatha version: 9.5
Operating System: Centos
Epe
30 April 2014, 19:09
your question is: why was it considered garbage in version 9.5 and not in version 9.4... and why it was banned even when you added the IP as an allow. isn't it?
Luis Flores
30 April 2014, 19:13
Yes, there are two questions in my post, main question is related to garbage banning something that was working fine in 9.4, second question is that our IP was continued to be banned even after "whitelisting" it.

Thanks
Hugo Leisink
30 April 2014, 20:47
What you can see is at the end of the large data block is the actual request "GET /favicon.ico HTTP/1.1". For some reason, parts of the previous request are mixed with this one. I'm still thinking about how this could have happened, because I didn't change anything in the request fetching and parsing.

Can you somehow find out what the previous request was? If so, can you tell me what that request was? Can you also confirm that the Content-Length header of that request matches the size of the request body?

Can you tell me what the BanlistMask configuration looks like?

Do you have a development version of your website for which I can have an account, so I can do some testing myself?
This topic has been closed.