I have noticed the error below on a few of my sites and would like to know how to resolve the issue.
I am using nopcommerce 3.9.
Is there anyone that has experinced the same issue and how did you resolve it?
Log level: Error
Short message: A potentially dangerous Request.Path value was detected from the client (*).
Full message: System.Web.HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (*). at System.Web.HttpRequest.ValidateInputIfRequiredByConfig() at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)
Page URL: https://www.youtstore.com/*|brand:logo|*
I faced this issue several times. I found some urls or static file paths which contains special characters in my webpage. I removed them one by one and fixed them.
I have checked the logs already. I am trying to determine where the site is getting this URL from.
I cannot find it anywhere on the site itself but it appears in the log.
Does anyone have the same problem or have an idea how I can track it down?
It appears in the log because 'hackers' are using various URLs to look for vulnerabilities in your site. I see many similar messages like:
A public action method '....php' was not found on controller 'Nop.Web.Controllers.BlogController'.
The controller for path '/....php' was not found or does not implement IController.
You can just ignore them. .php, .asp, etc. will not work against a nopCommerce site.
Consider using this setting commonsettings.ignorelogwordlist