permanent block, suhosin #2605
Comments
|
please change the request method of the tracker to "POST": |
|
I'm getting this error in logs. Is it an attack situation? oris suhosin alert triggered by a "normal" piwik page? |
|
It depends on your suhosin configuration and the referrer url. If you want to see if its malicious or not, try switching to POST or examining your Apache logs. |
|
where do I switch to post? |
|
Getting the same error. Where do I switch to "post"? |
|
you can call in the JS tracker piwikTracker.setRequestMethod( 'POST' ); it will work only if the piwik server is on the smae domain as the website being tracked |
|
Piwik and website domains are different. But I now understand that this is not a Piwik problem, but caused by a very long referrer that is stored in "_ref" so Suhosin would have to be adapted. Is this assumption correct? |
|
please disalbe suhosin for Piwik requests |
These log entries appear approx. 10-20 daily:
Jul 26 08:55:04 orange suhosin[5942]: ALERT - configured GET variable value length limit exceeded - dropped variable 'urlref' (attacker '175.145.217.174', file '/home/public_html/piwik/piwik.php')
Jul 26 08:55:04 orange suhosin[5942]: ALERT - configured GET variable value length limit exceeded - dropped variable '_ref' (attacker '175.145.217.174', file '/home/public_html/piwik/piwik.php')
Jul 26 08:55:12 orange suhosin[6186]: ALERT - configured GET variable value length limit exceeded - dropped variable '_ref' (attacker '175.145.217.174', file '/home/public_html/piwik/piwik.php')
Jul 26 08:55:28 orange suhosin[6304]: ALERT - configured GET variable value length limit exceeded - dropped variable '_ref' (attacker '175.145.217.174', file '/home/public_html/piwik/piwik.php')
Jul 26 08:55:51 orange suhosin[6454]: ALERT - configured GET variable value length limit exceeded - dropped variable '_ref' (attacker '175.145.217.174', file '/home/public_html/piwik/piw
Keywords: suhosin
The text was updated successfully, but these errors were encountered: