Forum

Hiawatha and ipv6 problems

David
25 October 2018, 21:50
I'm having a problem with ipv6 with hiawatha. For example alot of the logs show the servers ipv6 causing csrf problems when running cron like this.

2b32:3r60:110:3da3::1|Wed 24 Oct 2018 02:53:35 -0400|domain.com|/wp-cron.php?doing_wp_cron=1541234015.0831990242004391234250|CSRF

I already whitelist the ip6 to ::/64 and remove the leading 0 in the address because log removes it but the csrf protection blocks it. How to resolve this?
David
26 October 2018, 16:12
Sorry for my ignorance but I disabled ipv6 and my ipv4 gets blocked in CSRF Log. Is there a way to whitelist the CSRF/XSS/SQLi prevention?
Hugo Leisink
28 October 2018, 08:40
Yes, use RequestLimitMask for SQLi. There is no whitelist for CSRF or XSS, because it's the victim, not the attacker. Therefor, it will not be banned.
David
28 October 2018, 21:47
Thanks Hugo. So there is no way to get the server ipv4/ipv6 requests to bypass csrf without disabling the protection? What about omitting it in the exploit.log?

Thanks for any info.
Hugo Leisink
31 October 2018, 08:56
What you can do is add the URL of your website as the Referer header to your request. That's what Hiawatha checks for.
This topic has been closed.