Developer forum

Forum » CMS - Standard features » Access restriction bypass via origin spoof

Access restriction bypass via origin spoof

Kurt Moskjær Andersen
Kurt Moskjær Andersen
Reply

Hi,

One of our clients are using Blackstone One to check their website for security breaches. They have received a couple of warnings about "Access restriction bypass via origin spoof", where Blackstone One gives the following description:

"BlackstoneOne discovered a resource that it did not have permission to access, but been granted access after spoofing the address of localhost (127.0.0.1), thus bypassing any requirement to authenticate."

Anyone else seen this problem and figured out a way of fixing it?

--
Best regards
Kurt Moskjaer Andersen


Replies

 
Nicolai Pedersen
Reply

Hi Kurt

I think it require a little more insight into the report to give an answer. Usually this kind of error is related to an issue where you have a ip restriction on content - which can be bypassed. So if you have more information from the report, please post here - or feel free to send it to us.

BR Nicolai

 
Kurt Moskjær Andersen
Kurt Moskjær Andersen
Reply

Hi Nicolai,

I will try to get a more thorough report from them and get back to you.

/Kurt

 

You must be logged in to post in the forum