Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ActionDispatch::RemoteIp::IpSpoofAttackError #419

Open
christinach opened this issue Mar 21, 2024 · 1 comment
Open

ActionDispatch::RemoteIp::IpSpoofAttackError #419

christinach opened this issue Mar 21, 2024 · 1 comment
Labels
template-update

Comments

@christinach
Copy link
Member

ActionDispatch::RemoteIp::IpSpoofAttackError: IP spoofing attack?! HTTP_CLIENT_IP="10.235.113.36" HTTP_X_FORWARDED_FOR="128.112.203.145"

Honeybadger error url

Notes:

[3/21/2024 at 4:39 AM -04:00](https://app.honeybadger.io/projects/101075/faults/104971973/01HSG2M3GZP0E8W15PD3806K65?page=0) 	dss-prod2 	
ActionDispatch::RemoteIp::IpSpoofAttackError: IP spoofing attack?! HTTP_CLIENT_IP="10.235.113.36" HTTP_X_FORWARDED_FOR="128.112.203.145"
	Chrome 	117.0.0.0
[3/9/2024 at 11:23 AM -05:00](https://app.honeybadger.io/projects/101075/faults/104971973/01HRJ0DV94XC9EPVFYD1VE6FA1?page=0) 	dss-prod2 	
ActionDispatch::RemoteIp::IpSpoofAttackError: IP spoofing attack?! HTTP_CLIENT_IP="10.235.106.154" HTTP_X_FORWARDED_FOR="128.112.203.145"
	Chrome 	117.0.0.0
[3/2/2024 at 2:48 PM -05:00](https://app.honeybadger.io/projects/101075/faults/104971973/01HR0BBWK29RPZ9NCMN27E6XMP?page=0) 	dss-prod2 	
ActionDispatch::RemoteIp::IpSpoofAttackError: IP spoofing attack?! HTTP_CLIENT_IP="10.235.96.47" HTTP_X_FORWARDED_FOR="128.112.203.145"
	Chrome 	108.0.0.0
[2/27/2024 at 1:54 PM -05:00](https://app.honeybadger.io/projects/101075/faults/104971973/01HQNYP1N5DMNQ68078C8P89EX?page=0) 	dss-prod2 	
ActionDispatch::RemoteIp::IpSpoofAttackError: IP spoofing attack?! HTTP_CLIENT_IP="10.235.106.154" HTTP_X_FORWARDED_FOR="128.112.203.145"
	Chrome 	117.0.0.0
[2/26/2024 at 6:04 AM -05:00](https://app.honeybadger.io/projects/101075/faults/104971973/01HQJHCWF8CZ80D8YHT5KKQFKA?page=0) 	dss-prod2 	
ActionDispatch::RemoteIp::IpSpoofAttackError: IP spoofing attack?! HTTP_CLIENT_IP="10.235.78.119" HTTP_X_FORWARDED_FOR="128.112.203.145"
	Chrome 	115.0.0.0
@VickieKarasic
Copy link

VickieKarasic commented Mar 21, 2024
edited
Loading

On 3/14/24, we added a Content Security Policy to the DSS Catalog nginxplus config to allow for libwizard.com to embed the DSS Catalog into tutorials on its site, as part of a request from a librarian (see #4673). We have also added exceptions in nginxplus configs for the main library website (see #4743) and the library catalog (see #4764). In DACS standup today, we discussed whether this might be related to these Honeybadger errors, but the error timeline seems to suggest that this incident has been happening sporadically since February, which is before we made these changes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
template-update
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sandbergja @christinach @VickieKarasic