Possible hacking attempt -error_log

Archived from the Xataface Users forum.

mermentau — Wed Nov 28, 2012 7:31 pm

I have the latest stable release version and my error_log in the application gets lots of this error:

Session address does not match the remote address. Possible hacking attempt. Session address was ‘’, User address was ‘::ffff:453b:2840’

I don’t really suspect hacking and am guessing it’s some kind of config error. I’ve done a good bit of searching and found nothing relating.

---

shannah — Fri Nov 30, 2012 4:54 am

Xataface checks to make sure that multiple requests for the same session come from the same IP address. Unfortunately it seems to be broken with IPv6..

You can disable this (and I recommend you do until it is fixed) by adding the following to the beginning of your conf.ini file:

Code: Select all

disable_session_ip_check=1

-Steve

---

mermentau — Fri Nov 30, 2012 3:17 pm

That sounds easy enough. Thanks