grnet / djnro

DjNRO hits the decks of eduroam database management
http://djnro.grnet.gr/

logging: improve filtering of DisallowedHost events #91

Closed vladimir-mencl-eresearch closed 2 years ago

vladimir-mencl-eresearch commented 2 years ago

Hi @zmousm,

While the filter introduced in d658e30 in #15 blocks DisallowedHost events from generating an admin notification email (as these are likely to happen on a public Internet site), there has been an increasing number of emails triggered from POST requests where the Referer header also fails the ALLOWED_HOSTS check.

These events are sent as generic django.request events with DisallowedHost listed as the causing exception.

Catch this case and block logging for these events as well.

Are you happy to merge this one?

Cheers, Vlad

zmousm commented 2 years ago

Sure @vladimir-mencl-eresearch. Do you think it makes sense to use a different callback or rename the existing one from skip_disallowed_host_suspicious_operations, so as to represent the extra check?

vladimir-mencl-eresearch commented 2 years ago

Thanks for the quick response @zmousm,

I thought about it, and as it essentially filters the same operation (in a different representation), I added it into the same filter.

But I can refactor it into two separate filters if you'd like me to - I'll leave it as your call.

Cheers, Vlad

zmousm commented 2 years ago

It's OK, let's merge.
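
An added example, not part of the thread and not the project's own code: a single logging filter callback that drops both representations discussed above, records from the `django.security.DisallowedHost` logger and generic `django.request` records whose exception is `DisallowedHost`. The callback name, `ListHandler` and the sample records are constructed for illustration, and a stand-in exception class is used when Django is not installed.

```python
import logging

try:
    from django.core.exceptions import DisallowedHost
except ImportError:
    class DisallowedHost(Exception):
        """Stand-in so the example runs without Django installed."""


def skip_disallowed_host_events(record):
    """Hypothetical callback: return False to drop DisallowedHost records."""
    # Representation 1: Django's dedicated security logger.
    if record.name == "django.security.DisallowedHost":
        return False
    # Representation 2: a django.request record carrying the exception.
    exc_info = record.exc_info
    if isinstance(exc_info, tuple) and isinstance(exc_info[1], DisallowedHost):
        return False
    return True


class ListHandler(logging.Handler):
    """Collects messages; stands in for the admin e-mail handler."""
    def __init__(self):
        super().__init__()
        self.messages = []

    def emit(self, record):
        self.messages.append(record.getMessage())


def make_record(name, msg, exc=None):
    # Build a constructed LogRecord; exc_info uses the (type, value, tb) form.
    info = (type(exc), exc, None) if exc is not None else None
    return logging.makeLogRecord({"name": name, "msg": msg, "exc_info": info})


def run_demo():
    handler = ListHandler()
    handler.addFilter(skip_disallowed_host_events)  # callables are valid filters
    bad_host = DisallowedHost("Invalid HTTP_HOST header (constructed)")
    for rec in (
        make_record("django.security.DisallowedHost", "bad host header", bad_host),
        make_record("django.request", "error on POST /constructed/", bad_host),
        make_record("django.request", "error on GET /constructed/", ValueError("x")),
        make_record("django.request", "Not Found: /constructed/missing/"),
    ):
        handler.handle(rec)  # applies the filter, then emit()
    return handler.messages
```

In a Django `LOGGING` setting, a callback like this is attached through `django.utils.log.CallbackFilter` and listed in the `filters` of the `mail_admins` handler.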