CSRF attacked detected on eventlog.xml

Eduardo López asked on April 4, 2019 00:55

Hello everyone!

I am having problems with report of CSRF attack on my eventlog.xml. Does anyone have the same issue or know how can I fix it?

Or is it a real attack?

Recent Answers

Trevor Fayas answered on April 4, 2019 18:27

Sadly i've found that most times it's a false alarm, depending on how your forms post and such, we have had to disable it on many of our sites through the AppKey. Is that the safest thing? no, but if you have an form that it's being triggered on, you may need to take that route.

First though verify this isn't a real attack, if it is and you have a form exposed that could be a risk factor, you probably don't want to disable CSRF.

i would read up on Kentico's documentation on CSRF and judge for yourself what you want to do.

0 votesVote for this answer Mark as a Correct answer

Eduardo López answered on April 9, 2019 00:13

I don't have any form on my website. So that means that could be a real attack?

0 votesVote for this answer Mark as a Correct answer

Trevor Fayas answered on April 9, 2019 01:17

While not zero, the probability it's a real attack is pretty unlikely. I've triggered csrf errors from time to time myself. We usually disable it if we come to it.

0 votesVote for this answer Mark as a Correct answer

Eduardo López answered on April 10, 2019 23:17

I´m also having strange URL request like this.

https://www.mydomain.com:443/vi https:/www.amazon.es/Pioneer-VSX-330-Sintoamplificador-resolucin-TrueHD/dp/B014Q2LOMA?SubscriptionId=AKIAI4DOR3FUVH5BBNRQ&tag=digitea-21&linkCode=xm2&camp=2025&creative=165953&creativeASIN=B014Q2LOMA nilicas

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.