Open nrshapiro opened 2 years ago
@nrshapiro this is not a hack. Session eedab33c-b561-40da-aa4f-69010d167ee3 is a user, Simona Barra, who registered with PEP today, but has no subscription. There are hundreds of AuthenticateFromIP & GetUser calls, which are filling up my logs, but I don't think it is anything suspicious from my end.
@nrshapiro I have finished work for the day, but I just had a random look at a few sessions of people who were logged on with subscriptions, and they too are producing hundreds of what appeared to be on that necessary IP authenticate and get user calls. The session below did a few successful document reads yesterday, but has been producing IP authenticate and get user calls ever since!!!!
I wanted to document this here, but I have not investigated who/what is behind these sessions and these problem calls/links:
The document keys are not quite right either...could be an error in some link, or given all of the above, someone trying to hack the system?