CB Registration is being detected as an attack

Louse
OFFLINE
Posts: 8
Thanks: 0
Karma: 0

12 years 2 months ago #209119 by Louse

CB Registration is being detected as an attack was created by Louse

Whenever somebody tries to register via CB on my website their IP is being blacklisted and suspended by my CSF firewall.

Upon investigation below is the error which is apparently being reported by CSF: could my site be infected or broken?

Aug 31 15:40:44 vm suhosin[10599]: ALERT - script tried to increase memory_limit to 83886080 bytes which is above the allowed value (attacker '212.183.***.***', file '/***/***/***/cms2/components/com_comprofiler/comprofiler.php', line 38)

I have recently upgraded from 1.5 to 2.5.6/CB 1.8.1 and I do use CB Profile Pro for my registration but it worked perfect before I (altered the .htaccess file and) made the site live.

Please help, any suggestions very welcome?

Site: ffres.org

Please Log in or Create an account to join the conversation.

winowsieci
OFFLINE
Posts: 3
Thanks: 0
Karma: 0

12 years 4 weeks ago #213189 by winowsieci

Replied by winowsieci on topic Re: CB Registration is being detected as an attack

HI,

got same issue. Tried few changes at com_comprofiler/comprofiler.php , but the only one which works for me is to change the value at line 38 to this you've got set on server. as for me was 64M, so the lines 37 - 39 look like:
if ( $memMax < 80000000 ) {
@ini_set( 'memory_limit', '64M' );
}
If you've got less value allowed you probably need to change more lines above. But I'm not a php guru, so do not know if this change is OK for the whole comprofiler, however it works for me and Alerts stopped, and the CB works

.... till now.

Cheers

Please Log in or Create an account to join the conversation.

Moderators: beat, nant, krileon