Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

osTicket v1.10 (stable) and Maintenance Release v1.9.15 are now available! Go get it now

Outpost scans caused a lot of DB errors

Hi Team, our osTicket machine gets a weekly securitys scan. In the previous versions of osticket this did not cause serious errors but on our new server with the latest version we get a lot of db errors like this one. Is it possible to make the logging a bit more quiet ? i got 3000 of them last week in my mailbox... I am running 1.10 stable at this moment. 


[INSERT INTO `ost_session` SET `session_id` = 'http://www.outpost24.com/probe/php.txt', `session_data` = 'csrf|a:2:{s:5:\"token\";s:40:\"7d95a94a6543cc28ca9f3a19cc4b7c9020297510\";s:4:\"time\";i:1482626974;}', `session_expire` = NOW() + INTERVAL 86400 SECOND, `user_ip` = '91.216.32.31', `user_agent` = 'Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0'] Duplicate entry 'http://www.outpost24.com/probe/php.txt' for key 'PRIMARY'

---- Backtrace ----
#0 (root)/include/mysqli.php(204): osTicket->logDBError('DB Error #1062', '[INSERT INTO `o...')
#1 (root)/include/class.orm.php(3133): db_query('INSERT INTO `os...', true, true)
#2 (root)/include/class.orm.php(597): MySqlExecutor->execute()
#3 (root)/include/class.ostsession.php(216): VerySimpleModel->save()
#4 (root)/include/class.ostsession.php(158): DbSessionBackend->update('http://www.outp...', 'csrf|a:2:{s:5:"...')
#5 [internal function]: SessionBackend->write('http://www.outp...', 'csrf|a:2:{s:5:"...')
#6 [internal function]: session_write_close()
#7 {main}

Comments

  • Logging level is set in: Admin panel -> Settings -> Default Log Level.

    But I do not think that is going to help you. The error says that its trying to insert session data into your database, and your database says that this information already exists. Are you running cron.php regularly?

    And I have no idea what this would have to do with "outpst scans", or "weekly securitys scan" or even what you mean by that.
  • Hi, 
    outpost is a security scanning service, we use  this service to scan our sites on vulnerabilitys.
    I am running the cron.php on every 5 minutes indeed. It could also be the scheduled script we use to proces the emails. And we have had some issues with those scripts in the past. 
    All mails have been processed and moved to the backup folder.
    The errors are all created by ip 91.216.32.31


  • Here some logentrys in snapshot
    Clipboard01.jpg
    916 x 330 - 49K
  • This weekend we received again 3000 messages, i changed the warn level to error level. Lets see if this helps.

    Regards
    eelco
Sign In or Register to comment.