Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Petrs 10 posts 90 karma points
    May 31, 2022 @ 16:01
    Petrs
    0

    Keep alive hacked/vulnerability?

    Hello, I noticed this error messages in my umbraco 9 log:

    May 31, 2022 10:34:25 AM Error vm489217 Keep alive failed (at '"http://www.superbetinsitesi.com/api/keepalive/ping"').

    My domain the website is running is completely different, I have never seen this superbetinsitesi.com url before. So my question is, how this foreign url got in my log and why it calls the keepalive api.

    (appsettings.json has no url like this) screenshot from log

    Thanks

  • Kevin Meilander 82 posts 408 karma points c-trib
    May 31, 2022 @ 19:01
    Kevin Meilander
    1

    If there is no value for umbracoApplicationUrl, Umbraco will use the domain of the first request as the base URL. So if you have a generic binding on your site, if someone updates a domain to point to your site and is the first request this could happen. You want to be sure to set this value in your app setttings to your specific domain if you have a generic site binding.

    https://our.umbraco.com/documentation/Extending/Health-Check/Guides/FixedApplicationUrl

    Also, there was a securiy alert somewhat related to this a few months ago you might want to check out.

    https://umbraco.com/blog/security-advisory-january-20-2022-medium-severity-security-vulnerability-identified-in-umbraco-cms/

  • Petrs 10 posts 90 karma points
    May 31, 2022 @ 19:03
    Petrs
    0

    Thanks for answer, Kevin!

Please Sign in or register to post replies

Write your reply to:

Draft