I have been getting the following type of errors in the log files
Code:
23-Jul-2024 02:24:39 Australia/Brisbane] Request URI: /index.php, IP address: 193.3.19.221, Language id 1#0 [internal function]: zen_debug_error_handler()
#1 /home/xxxx/public/includes/classes/db/mysql/query_factory.php(667): trigger_error()
#2 /home/xxxx/public/includes/classes/db/mysql/query_factory.php(634): queryFactory->show_error()
#3 /home/xxxx/public/includes/classes/db/mysql/query_factory.php(275): queryFactory->set_error()
#4 /home/xxxx/public/includes/functions/sessions.php(77): queryFactory->Execute()
#5 [internal function]: _sess_write()
#6 /home/xxxx/public/includes/application_bottom.php(40): session_write_close()
#7 /home/xxxxpublic/index.php(102): require('...')
--> PHP Fatal error: 1366:Incorrect string value: '\xC0\xA7\xC0\xA2%2...' for column `zc158a_PRODUCTION`.`zen_sessions`.`sesskey` at row 1 :: insert into zen_sessions (sesskey, expiry, `value`)
values ('1\0ˤˢ%27%22', 1721666919,
This is coming from a rogue site that I have since blocked via htaccess. It hit the site 560 times in 161 seconds
In the Apache error logs that string
Code:
1 \xc0\xa7\xc0\xa2%2527%2522
is displayed as the referer: field
Is there any extra filtering / sanitizing that can be added to trap these corrupted URLS?
Bookmarks