2 results found

1. Prevent bot spamming logs

   We often see a lot of errors in the application logs related to bots spamming the website with URL requests that do not even exist, quite often these end in .php extension; example: https://[ConfiguredCommerceURL]/admin/function.php. These seem to be attacks that try to find vulnerabilities on the website. While often times these are harmless, they do pollute the application logs, making it harder for developers to find actual errors that are worth reporting. This feature request is to simply capture that kind of spam requests and simply block them, without processing anything else (these often come with errors such as 'Unity.Exceptions.InvalidRegistrationException' that arise from trying to find dependencies), upon finding out that the request is simply not valid as there should simply not exist any PHP resources on a Configured Commerce website, they should simply be blocked without actually logging an error. If we want to keep these maybe they should be logged somewhere else than the application logs so they could be more easily analyzed? maybe a list of these requests including the origin IP address.

   We often see a lot of errors in the application logs related to bots spamming the website with URL requests that do not even exist, quite often these end in .php extension; example: https://[ConfiguredCommerceURL]/admin/function.php. These seem to be attacks that try to find vulnerabilities on the website. While often times these are harmless, they do pollute the application logs, making it harder for developers to find actual errors that are worth reporting. This feature request is to simply capture that kind of spam requests and simply block them, without processing anything else (these often come with errors such as 'Unity.Exceptions.InvalidRegistrationException'… more

   4 votes

   Vote Vote Vote

   Optimizely Login

   Signed in as (Sign out)

   Close

   Close

   Vote

   We’ll send you updates on this idea

   New  ·  1 comment  ·  Delete…  ·  Admin →
   How important is this to you?

   Nice to have You must login first! Important You must login first! Critical You must login first!

   Optimizely Login

   Signed in as (Sign out)

   Close

   Close

   Submit Rating

2. CMS backup

   I'd like to suggest implementing an automated backup system for the CMS to avoid potential data loss or mishaps. Currently, backups can be done manually, which could leave us vulnerable to issues such as data corruption, system failure, or human error.

   Automating backups (daily or even more frequently) with proper versioning and offsite storage would ensure data integrity, minimize downtime, and provide a reliable rollback option in case of any unforeseen events.

   1 vote

   Vote Vote Vote

   Optimizely Login

   Signed in as (Sign out)

   Close

   Close

   Vote

   We’ll send you updates on this idea

   New  ·  1 comment  ·  Delete…  ·  Admin →
   How important is this to you?

   Nice to have You must login first! Important You must login first! Critical You must login first!

   Optimizely Login

   Signed in as (Sign out)

   Close

   Close

   Submit Rating