-
Bug
-
Resolution: Unresolved
-
Low
-
None
-
3
-
Severity 3 - Minor
Issue Summary
If utilizing proxy/load balancer you may notice a blocked proxy IP which could result in page viewers being unable to load the page
Steps to Reproduce
- Signup and utilize google proxy/load balancer
- Start receiving bot spam traffic
Expected Results
We expect the site to work fine and not block the proxy ip's.
Actual Results
If malicious traffic comes in and passes through the proxy there is a chance our security scanners will activate and block IP's from the used IP's by the proxy
Workaround
The current workaround is to block the traffic in which we block malicious traffic for on the proxy end:
https://cloud.google.com/knowledge/kb/how-to-block-traffic-for-a-specific-url-000004799
The traffic we are blocking is for queries sent to the SP site. ex: https://status.thetest.agency?q=
'sample@email.tst',
'win.ini',
'555-666-0606',
'etc/passwd',
'alihack.com'
'pg_sleep',
'dbms_pipe.receive_message',
'jndi',
'${lower:j}ndi',
'j}ndi'