You are not logged in.

#1 2022-11-11 9:39 pm

DLipman
Member
Registered: 2020-10-27
Posts: 5

Tried to submit a person who used a Clouflare IP and got an error

We had a person who tried to do a XSS penetration test (w/o permission) violating Forum guidelines.

I tried to submit the member but I could not.  The record could not be added.  It did not like the CloudFlare IP used in the action and the submission failed.

"IP ADDRESS CAN NOT BE ADDED [CLOUDFLARE]"

104.28.213.2 - Shubra al Khaymah, Qalyubia, Egypt   
ISP - CloudFlare, Organization- CloudFlare

Offline

#2 2022-11-11 11:35 pm

Alex Kemp
Moderator
From: Nottingham, England
Registered: 2009-12-02
Posts: 2,322
Website

Re: Tried to submit a person who used a Clouflare IP and got an error

Hi DLipman, welcome to SFS.

You need to obtain the original public IP of the visitor, else you are currently attempting to prevent several thousand (or even hundreds of thousands) of innocent people that are using the same CloudFlare service.

Here is just one page that I found offering methods to do that:
Restoring original Visitor IPs.

Obviously, the method that you use depends on your site situation, but the fundamental policy remains the same for all situations: you have to obtain the *actual* public IP of a visitor, not the forwarding IP, etc., etc.. If you are using forum software, then you need to refer to the software writer to get this right, since your software is currently broken due to using wrongful algorithms for IP acquisition.

HTH

Offline

#3 2022-11-12 12:03 am

DLipman
Member
Registered: 2020-10-27
Posts: 5

Re: Tried to submit a person who used a Clouflare IP and got an error

Obrigado.

In my opinion the IP is not as important as the email address used and to a lesser degree the account name.

However, the IP denial construct blocks both of them too.

Is there a way to make the submission and get around this?

Offline

#4 2022-11-12 12:09 am

DLipman
Member
Registered: 2020-10-27
Posts: 5

Re: Tried to submit a person who used a Clouflare IP and got an error

PS:
The broken software is Invison

Offline

#5 2022-11-12 3:12 am

Maikuolan
Member
From: Perth, Western Australia
Registered: 2011-08-09
Posts: 786
Website

Re: Tried to submit a person who used a Clouflare IP and got an error

I would point out that, although yes, an XSS attack or penetration test without permission is a bad thing, and should definitely be blocked (at the websites in question), it is not a form of spam, and thus, is not a suitable reason for submitting data here to SFS.

There are plenty of databases, blocklists, etc publicly available which cater to hacking, security breaches, and other kinds of bad behaviour more broadly, to which it would be suitable to submit such data. But the SFS database is intended just for dealing with forum spam only.

Last edited by Maikuolan (2022-11-12 3:12 am)

Offline

#6 2022-11-12 4:04 am

Alex Kemp
Moderator
From: Nottingham, England
Registered: 2009-12-02
Posts: 2,322
Website

Re: Tried to submit a person who used a Clouflare IP and got an error

To echo Maikuolan, you can NOT submit someone that has done anything other than spam your site. No spam, no submission.

In addition, software reporting wrong IPs with Cloudflare users is a classic mistake of older software. You need to fix that for your own sake. If the software is still being maintained then it will (hopefully) have been updated.

Finally, obtaining the correct Public IP is a *requirement* as part of submitting spammers to this site.

Offline

#7 2022-11-12 9:15 am

Oblivian
Member
Registered: 2018-11-04
Posts: 71

Re: Tried to submit a person who used a Clouflare IP and got an error

It also wasn't hard to find on google.
2nd hit is their support forums.

"Turning on the "Trust IP Addresses provided by proxies" would enable it to show the real users IP address. So it is the answer to obtaining the real user's IP address."

Offline

#8 2022-11-12 12:33 pm

DLipman
Member
Registered: 2020-10-27
Posts: 5

Re: Tried to submit a person who used a Clouflare IP and got an error

Domo arigato

Offline

Board footer

Powered by FluxBB

Close
Close