SMF Support > SMF 2.0.x Support

IPv6 session errors - address not showing

(1/2) > >>

It started a few months ago, now I'm getting at least a dozen errors like that daily. (I obscured the domain for obvious reasons.)[PLM=0]+GET+[0,26104,432]+-%3E+[N]+POST+;action=post2+[0,43595,432]+-%3E+[N]+POST+;start=0;board=15+[0,43511,432]+-%3E+[N]+POST+;start=0;board=15+[0,43511,432]+-%3E+[N]+POST+;start=0;board=15+[0,43511,432]+-%3E+[N]+POST+;start=0;board=15+[0,43507,432]+-%3E+[N]+POST+;start=0;board=15+[0,43508,432]+-%3E+[N]+POST+;start=0;board=15+[0,43509,432]+-%3E+[N]+POST+;start=0;board=15+[0,43508,432]+-%3E+[N]+POST+;start=0;board=15+[0,43508,432]+-%3E+[N]+POST+;start=0;board=15+[0,43506,432]+-%3E+[N]+POST+;start=0;board=15+[0,43507,432]+-%3E+[N]+POST+;start=0;board=15+[0,43507,432]+-%3E+[N]+POST+;start=0;board=15+[0,0,59692]
2: session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,'
Line: 2543

I can't ban those guys because their IP doesn't even show up in SMF.
Is anything being done about this? I mean will you address the current immunity of IPv6 addresses in future updates?

Take a look at this mod-

Thanks, this is appreciated. Although I don't think this is mod territory.

SMF 2.0 by default does not support ipv6, you need to use that mod.

something to consider is stopping them butt cold at the server by demanding they use a preferred cipher... and then choosing what ciphers are available to their browser.

--- Code: ---ECDHE-ECDSA-AES128-GCM-SHA256
--- End code ---

and protocol:

--- Code: ---  SSLProtocol All -SSLv2 -SSLv3

--- End code ---

^which prefers TLS1.2 while disallows s sslv3 which is likely your issue.

i just completed this on my server, and scored nicely on the test @

that^ list of ciphers requires a current openssl mod to apache, or a equiv depending on what system you're using.  each of those provides a secure transport (avoiding RSA altogether) ... folks making an approach to your forum requesting a session via compromised protocol will get stiff armed, and the only real drawback is some users using antiquated browsers (windows 8 w/ ie 6 for instance) will have to update their browsers to use your forum.

ip4 or 6... doesn't matter... you nail 'em down before they make it to your SMF.


[0] Message Index

[#] Next page

Go to full version