A potentially dangerous Request.Path value was detected from the client

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.
4 years ago
Hi,

I have noticed the error below on a few of my sites and would like to know how to resolve the issue.
I am using nopcommerce 3.9.
Is there anyone that has experinced the same issue and how did you resolve it?

Log level: Error

Short message: A potentially dangerous Request.Path value was detected from the client (*).

Full message: System.Web.HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (*). at System.Web.HttpRequest.ValidateInputIfRequiredByConfig() at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)

Customer: Guest
Page URL: https://www.youtstore.com/*|brand:logo|*

Regards,
0
4 years ago
I faced this issue several times. I found some urls or static file paths which contains special characters in my webpage. I removed them one by one and fixed them.
Thanks
Jaber Kibria
Solution Architect || Tech Lead || Brain Station - 23
Skype: live:jaber_270

nopStation: #1 nopCommerce Gold Solution Partner
Website: https://nop-station.com
We are one stop E-commerce solution provider
For any queries: [email protected]
Team Skype:  [email protected]
1
4 years ago
mhsjaber wrote:
I faced this issue several times. I found some urls or static file paths which contains special characters in my webpage. I removed them one by one and fixed them.

Jaber Kibria the best programmer I’ve seem!!!!!!!
-2
4 years ago
mhsjaber wrote:
I faced this issue several times. I found some urls or static file paths which contains special characters in my webpage. I removed them one by one and fixed them.


Hi @mhsjaber,

Is there anyway that I can run a search maybe at database level to find all items that contain this sort of error?
0
4 years ago
Example:

SELECT [Id]
      ,[LogLevelId]
      ,[ShortMessage]
      ,[FullMessage]
      ,[IpAddress]
      ,[CustomerId]
      ,[PageUrl]
      ,[ReferrerUrl]
      ,[CreatedOnUtc]
  FROM [dbo].[Log]
 WHERE [ShortMessage] LIKE '%A potentially dangerous%'
www.noptools.com
0
4 years ago
I have checked the logs already.  I am trying to determine where the site is getting this URL from.

I cannot find it anywhere on the site itself but it appears in the log.

Does anyone have the same problem or have an idea how I can track it down?
0
4 years ago
It appears in the log because 'hackers' are using various URLs to look for vulnerabilities in your site.  I see many similar messages like:

   A public action method '....php' was not found on controller 'Nop.Web.Controllers.BlogController'.

   The controller for path '/....php' was not found or does not implement IController.

You can just ignore them.  .php, .asp, etc. will not work against a nopCommerce site.

Consider using this setting  commonsettings.ignorelogwordlist
www.noptools.com
2
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.