Official Thread to Report Bugs, Concerns or Suggestions With The New Site Platform

Status
Not open for further replies.
howiebrou said:
So why are US ip addresses being locked out? I fully admit to not understanding any of the jargon though.
Click to expand...

That is the question no one seems to be able to answer

We are going to give this a few more days and if the problems continue we will remove the block. Even Julian (our admin) who lives in Spain is constantly locked out and has been blacklisted several times


I had no problems with the site yesterday
 
tima said:
I've had no access for about 16 hours until just now. Browser says timeout, server is busy.
Click to expand...
Hi Tim

I’ve had your IP address white listed

Yiu should have no further problems
 
still having issues. seems like it takes about 15 min to get on line...
 
Here is a reply from one of the techs at our web support. I hope that what they learned from the IP addresses I reported to them has helped to relieve the problems we have all been having ............

The DDoS protection was to protect your site against all attacks from everywhere.
It was meant to help you to allow all good connections from everywhere and its doing its job. You have a lot of connections from China and Honk Kong.
Please know that your good traffic through the DDoS firewall is at 98.5% and the rest are the blocks.
So not everyone is seeing issues.

So now what we have found with the IP's you have provided.
We have gone over IP's 68.187.136.4, 207.81.8.54, 70.114.225.253 and found out that the extra protection called "Additional Security Headers added to your site" which protects against X-XSS-Protection, X-Frame-Options, X-Content-Type-Options was causing the issue with some of your users.
For instance it was seeing this:

/threads/the-irishman-netflix-coming-up.28672/add-reply
An attempted XSS (Cross site scripting) was detected and blocked

At this time the "Additional Security Headers added to your site" option with all these above have been turned off.

Time to time we need our clients help to figure out the issue.
Please do let us know without any hesitation if this has helped and we are pretty sure it will since these were the only blocks for al the IP's provided.
We are always here to assist you with all your issues and concerns.
 
  • Like
Reactions: howiebrou
jfrech said:
still having issues. seems like it takes about 15 min to get on line...
Click to expand...

Your IP address has been white listed. You should have no further problem BUT please let us know if things have resolved
 
Steve Williams said:
Here is a reply from one of the techs at our web support. I hope that what they learned from the IP addresses I reported to them has helped to relieve the problems we have all been having ............

The DDoS protection was to protect your site against all attacks from everywhere.
It was meant to help you to allow all good connections from everywhere and its doing its job. You have a lot of connections from China and Honk Kong.
Please know that your good traffic through the DDoS firewall is at 98.5% and the rest are the blocks.
So not everyone is seeing issues.

So now what we have found with the IP's you have provided.
We have gone over IP's 68.187.136.4, 207.81.8.54, 70.114.225.253 and found out that the extra protection called "Additional Security Headers added to your site" which protects against X-XSS-Protection, X-Frame-Options, X-Content-Type-Options was causing the issue with some of your users.
For instance it was seeing this:

/threads/the-irishman-netflix-coming-up.28672/add-reply
An attempted XSS (Cross site scripting) was detected and blocked

At this time the "Additional Security Headers added to your site" option with all these above have been turned off.

Time to time we need our clients help to figure out the issue.
Please do let us know without any hesitation if this has helped and we are pretty sure it will since these were the only blocks for al the IP's provided.
We are always here to assist you with all your issues and concerns.
Click to expand...

Fascinating... A bit of clarification please if you don't mind: My understanding is x-xss-protection, x-frame-options and x-content-type-options are HTTP response headers coming from server to browser. That's certainly the complete opposite of how we normally understanding the Web Application Firewall business. The headers are usually enabled directly on the webserver configuration. Is Sucuri saying they're adding the headers to your outgoing traffic? Also, these headers are very prevalent as almost all the major websites on the net have them one way or another. If they're causing issues for some users, should these users be bogged down everywhere else already?

It's also a little unclear what At this time the "Additional Security Headers added to your site" option with all these above have been turned off covers. The x-xss-protection header doesn't appear on my end, but the other two still do. But for what it's worth, I'm still having frequent timeouts. When that starts happening, looking at network traffic with a browser in development mode shows no response after initial browser request. So this isn't the case of the webserver sending down something that upsets the browser. In fact, WBF is set up to force HTTP traffic into HTTPS via a 301 redirect. When timeout starts happening, even the 301 won't appear, let alone the subsequent HTTPS content.

So just for fun I quickly slapped together a little webserver in my lab at home that's configured to serve out all of headers above. The server runs PHP under Nginx, very similar to WBF's technology stack. No timeout issue at all. I also put a harmless cross-site scripting vulnerability in one corner of the site and tested with Firefox, Chrome and Internet Explorer. Internet Explorer intercepted it while Firefox and Chrome let it through. But nothing freezes.

In any case, no need to do anything special for me, and especially please don't post my IP address in public. The timeout often goes away in 10-15min. That's fine for my usage of the site. As mentioned, I can actually get in by obfuscating my IP address through the Tor network. But that hasn't been really necessary.
 
  • Like
Reactions: djsina2
accwai said:
Fascinating... A bit of clarification please if you don't mind: My understanding is x-xss-protection, x-frame-options and x-content-type-options are HTTP response headers coming from server to browser. That's certainly the complete opposite of how we normally understanding the Web Application Firewall business. The headers are usually enabled directly on the webserver configuration. Is Sucuri saying they're adding the headers to your outgoing traffic? Also, these headers are very prevalent as almost all the major websites on the net have them one way or another. If they're causing issues for some users, should these users be bogged down everywhere else already?

It's also a little unclear what At this time the "Additional Security Headers added to your site" option with all these above have been turned off covers. The x-xss-protection header doesn't appear on my end, but the other two still do. But for what it's worth, I'm still having frequent timeouts. When that starts happening, looking at network traffic with a browser in development mode shows no response after initial browser request. So this isn't the case of the webserver sending down something that upsets the browser. In fact, WBF is set up to force HTTP traffic into HTTPS via a 301 redirect. When timeout starts happening, even the 301 won't appear, let alone the subsequent HTTPS content.

So just for fun I quickly slapped together a little webserver in my lab at home that's configured to serve out all of headers above. The server runs PHP under Nginx, very similar to WBF's technology stack. No timeout issue at all. I also put a harmless cross-site scripting vulnerability in one corner of the site and tested with Firefox, Chrome and Internet Explorer. Internet Explorer intercepted it while Firefox and Chrome let it through. But nothing freezes.

In any case, no need to do anything special for me, and especially please don't post my IP address in public. The timeout often goes away in 10-15min. That's fine for my usage of the site. As mentioned, I can actually get in by obfuscating my IP address through the Tor network. But that hasn't been really necessary.
Click to expand...


The site seems to be working just fine since they made their changes

Thanks for your thoughts
 
I was wondering about the safety of posting publicly an IP address. Some are dynamic IP addresses, and in this world of Internet security and privacy are priorities everyone respect and protect.

"It's not safe to share the IP address of your computer on public Internet, particularly with strangers. It is possible to hack a computer, provided that the hacker knows the IP address of the victim's computer. ... There are several ways to hide one's own IP address, such as Network Address Translation, VPNs, etc." - Jun 14, 2018

I'm no expert on computers, others who are can share ...
 
NorthStar said:
I was wondering about the safety of posting publicly an IP address. Some are dynamic IP addresses, and in this world of Internet security and privacy are priorities everyone respect and protect.

"It's not safe to share the IP address of your computer on public Internet, particularly with strangers. It is possible to hack a computer, provided that the hacker knows the IP address of the victim's computer. ... There are several ways to hide one's own IP address, such as Network Address Translation, VPNs, etc." - Jun 14, 2018

I'm no expert on computers, others who are can share ...
Click to expand...

First off, nobody has a public IP on their computer. It’s on your home firewall, which by default denies all inbound connection attempts.
 
Steve Williams said:
The site seems to be working just fine since they made their changes
Click to expand...

As mentioned I'm still getting frequent timeouts. And this just happened while I was trying to login to post an answer to the classical music listening thread:



By the way, IDS = Intrusion Detection System
 

Attachments

  • wbf_ids.jpg
    wbf_ids.jpg
    80.7 KB · Views: 2
You asked not to do anything with your IP address as you like to use the Tor route which allows obfuscating the real thing

In any case, no need to do anything special for me, and especially please don't post my IP address in public. The timeout often goes away in 10-15min. That's fine for my usage of the site. As mentioned, I can actually get in by obfuscating my IP address through the Tor network. But that hasn't been really necessary.
Click to expand...

I have had no complaints other than from you in the past few days
 
Steve Williams said:
Your IP address has been white listed. You should have no further problem BUT please let us know if things have resolved
Click to expand...

Hi 15 min or so to log on last night and today. Last night I gave up and missed the whole no politics thread :oops:. I agree with what you want to do btw on that topic. This am after trying the web site for about 15 min, I get in and can post, read, etc with seemingly normal browsing times. Just that initial 15 min...
 
jfrech said:
Hi 15 min or so to log on last night and today. Last night I gave up and missed the whole no politics thread :oops:. I agree with what you want to do btw on that topic. This am after trying the web site for about 15 min, I get in and can post, read, etc with seemingly normal browsing times. Just that initial 15 min...
Click to expand...

Not sure why so I resubmitted a ticket asking them to look into it again
 
Here's a solution that works for me ...
• When access is difficult I switch browser, or I refresh it, or I use another highway for my browser.
It works 99.999% of the time.

But these are rare occurences, particularly more recently.
 
Status
Not open for further replies.

Similar threads

steve williams
SwiftKey finally comes to iPhone and iPad, hidden in a new Note app
Replies
0
Views
2K
Smartphones And Tablets Forum
steve williams
steve williams

About us

  • What’s Best Forum is THE forum for high end audio, product reviews, advice and sharing experiences on the best of everything else. This is THE place where audiophiles and audio companies discuss vintage, contemporary and new audio products, music servers, music streamers, computer audio, digital-to-analog converters, turntables, phono stages, cartridges, reel-to-reel tape machines, speakers, headphones and tube and solid-state amplification. Founded in 2010 What’s Best Forum invites intelligent and courteous people of all interests and backgrounds to describe and discuss the best of everything. From beginners to life-long hobbyists to industry professionals, we enjoy learning about new things and meeting new people, and participating in spirited debates.

Quick Navigation

Home Forums

User Menu

Login
Top Bottom