Classical Music Forum banner

How can my post be an "exploit"?

2K views 8 replies 4 participants last post by  Krummhorn 
G
#1 ·
Yesterday I tried to make an ordinary post without any links or attachments and instead of the post going through I got a screen from some website firewall system saying my post was an "exploit" and that the website had been protected from me by "virtual hardening" or some such. I was using Safari under MacOS. I could post from the same computer using Firefox, and some time later I could post using Safari from the same computer.

As a result of this outrage the world has been deprived of one of my extremely valuable musings on Coronavirus. :)
 
G
#6 ·
I assume a glitch in the "exploit" detection software. I remember that when I was using an older version of windows with Norton Antivirus it was constantly telling me that c-programs that I had written and compiled myself contained viruses and had to be contained in the virus vault. Apparently it worked by detecting sequences of bytes that were found in known viruses.
 
#5 ·
. . . got a screen from some website firewall system saying my post was an "exploit" and that the website had been protected from me by "virtual hardening" or some such.
What was the "some" website URL?

We do employ an anti-spam app that checks for suspect links in posts, but the end result of that app would have put the post into moderation queue and let the staff know.

Need to know the URL of the "some" website if you wish for us to investigate further.
 
G
#7 · (Edited)
I found it in my history list. It was "sucuri website firewall." Dec 3 at about 11 pm U.S. Central time. The URL was talkclassical.com itself. When I tried get additional information I got to this website. https://labs.sucuri.net/signatures/waf/exp034-exploit-attempt-denied/

This is the link that showed me the warning. It doesn't show it when I revisit
https://www.talkclassical.com/newreply.php?do=postreply&t=68547

I assumed it was some software that is installed on the talkclassical server to intercept viruses, etc.
 
#9 ·
The generic answer here is that certain ISP's (Internet Service Providers) have problematic IP addresses ... IP's that are predominantly used for spam and hacking.

The common practice for most all ISP's is to rotate their users to different IP addresses from time to time. It appears that the post in question originated from a blacklisted IP address of a certain ISP, no fault of the Talk Classical member.

The problem lies with the ISP ... Once their admins start doing the jobs they are being paid for and eliminate spammers the problem will go away.

Blame the ISP's ... not Talk Classical ... We are only trying to protect our site from spammers and hackers.
 
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.
Top