- Issue created by @teknocat
- 🇵🇹Portugal pedro-alves
Hello @teknocat ,
Yes, sounds reasonable. We will add the feature in next version 2.55 somewhere inside the module Protection Tools. Congrats, new.reviewboard.ca looks really good.
Meanwhile, I do see a block for 50.117.xxx.xxx in openid_connect_login_form, you can avoid these blocks by setting the firewall rules to Relaxed mode (Protection Tools -> Basic Tools -> HAF Firewall Rules -> Relaxed)
I also see 82.147.84.215 whitelisted, careful... this one is dangerous... 100% confidence:
https://www.spammaster.org/search-threat/?search_spam_threat=82.147.84.215 - 🇨🇦Canada teknocat
Hello @pedro-alves,
Thank you for the fast response and the advice! I really appreciate how responsive you are to issues on this module and how quickly you implement changes and updates.
I will go and change the HAF firewall rule to relaxed and advise my team so we can see if that's appropriate in our other sites as well.
That other IP address you mentioned was white-listed by accident and I removed it already. I just copied and pasted the wrong one by mistake when trying to white list the client's IP address.
Looking forward to that next update with the feature to exclude/white-list forms entirely.
Peter
- 🇵🇹Portugal pedro-alves
Hi @teknocat,
Version 2.55 is out and you can whitelist form_ids via module top menu tab Whitelist.
Scans on whitelisted forms should not appear in spammaster.org website firewall.
Thanks for the request.
Pedro - 🇨🇦Canada teknocat
That's fantastic! When we perform the next round of updates on the website that I linked in this issue, we'll be sure to white-list the ID of the form that handles the open ID connect functionality.