CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM (Moderator: Dave Greenberg) »
  • IDS logging not working - I think I found bug in IDS.php
Pages: [1]

Author Topic: IDS logging not working - I think I found bug in IDS.php  (Read 1027 times)

sonicthoughts

  • Ask me questions
  • ****
  • Posts: 498
  • Karma: 10
IDS logging not working - I think I found bug in IDS.php
May 28, 2013, 02:00:25 pm
I didn't see any IDS kick errors, then noticed this in the log: Warning: in_array() expects parameter 2 to be array, string given in CRM_Core_IDS->kick() (line 258 ofdrupal/sites/all/modules/civicrm/CRM/Core/IDS.php)
It looks like line 258: if ($path == in_array("civicrm/ajax/rest", "civicrm/api/json"))
is not correct syntax. 

BTW - we get hit with MANY ids alerts.  Would like to better understand civicrm integration.  started this thread:http://forum.civicrm.org/index.php/topic,28406.msg121448.html#msg121448.  Would like better control of config and ideally pass kicked IP's up to firewall or drupal block.

xavier

  • Forum Godess / God
  • I’m (like) Lobo ;)
  • *****
  • Posts: 4453
  • Karma: 161
    • Tech To The People
  • CiviCRM version: yes probably
  • CMS version: drupal
Re: IDS logging not working - I think I found bug in IDS.php
May 28, 2013, 10:29:08 pm
can you create an issue?

as you are working around ids, would you know how to simply test? (eg. is there a param/value that is sure to trigger IDS so it gets rejected?)

X+
-Hackathon and data journalism about the European parliament 24-26 jan. Watch out the result

sonicthoughts

  • Ask me questions
  • ****
  • Posts: 498
  • Karma: 10
Re: IDS logging not working - I think I found bug in IDS.php
May 28, 2013, 10:36:19 pm
Ok - CRM-12718
I can show you backtrace or log info if that is helpful.  I get them all the time ... probably should scan for "Viagra" :)  not sure Kick is working.  would be ideal to log to firewall or drupal (or even database which is natively supported)

xavier

  • Forum Godess / God
  • I’m (like) Lobo ;)
  • *****
  • Posts: 4453
  • Karma: 161
    • Tech To The People
  • CiviCRM version: yes probably
  • CMS version: drupal
Re: IDS logging not working - I think I found bug in IDS.php
May 28, 2013, 11:24:36 pm
You mean logging every kick? isn't it opening a fast lane to dos? ie. it's going to be trivial to flood your log for anonymous users, isn't it?

X+
-Hackathon and data journalism about the European parliament 24-26 jan. Watch out the result

sonicthoughts

  • Ask me questions
  • ****
  • Posts: 498
  • Karma: 10
Re: IDS logging not working - I think I found bug in IDS.php
May 29, 2013, 07:42:07 am
yes, i can send you some logs, but would rather do it via messaging.  note that I get lot's of logging in watchdog and Civicrm.xxx.log.  Also, they ALL generate a backtrace even when they are caught.  Also, the IP address in array is the IP of the server.

sonicthoughts

  • Ask me questions
  • ****
  • Posts: 498
  • Karma: 10
Re: IDS logging not working - I think I found bug in IDS.php
May 29, 2013, 11:18:30 am
I see marked fixed but no change to code - is there a patch for 4.3.3?
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM (Moderator: Dave Greenberg) »
  • IDS logging not working - I think I found bug in IDS.php

This forum was archived on 2017-11-26.