200 X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self'; X-UA-Compatible: IE=Edge X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Telligent-Evolution: 12.x Pragma: no-cache Connection: close Accept-Ranges: bytes Cache-Control: no-store, no-cache, max-age=0 Date: Sat, 30 Nov 2024 04:52:47 GMT ETag: "0x8DD02F56CCD7D1F" Set-Cookie: .te.csrf=US7h2jAUW6Wkc62xaVlBvsLQpX65aTc83rH7AQqcUV4; path=/; secure; SameSite=Lax Set-Cookie: .te.auth=nbQVroy%2bscSCYJJ%2bV%2bieR2mSVlziF31JmhEVRHWbqlfkkgjW0VMqx0nRmH574zPi7HJh%2fi%2fIVsw3BJatbAFYk3HUt1O9DKq87zQUNScLDktVZN2ZM4oEOFDyprj6u%2fpeLAdf2xqomvoZ1OeVqKF8zMXiTW3%2f1h3PfPIZ1ZpB9mAcEGr3VlXfONB4dDqMty14tVhXS%2fw0nj8z9p87wCOnFdaNj7dt5RK0mKEfQK%2f85P0Y50kxBoE6tP5DGpN5KgQ%2b9rR0b%2bX%2fepOI8uTGn9Xhew%3d%3d; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: e14Guest=1; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly Set-Cookie: e14Country=NL; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly Set-Cookie: e14Language=en; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly Set-Cookie: e14TimeZone=Etc/UTC; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=10 Server-Timing: origin; dur=20 Server-Timing: ak_p; desc="1732942367178_3090373303_144479961_2978_10227_7_14_-";dur=1 Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload #set ($UserId = $core_v2_user.Accessing.Id) #set ($Roles = $core_v2_utility.MakeList('Moderators', 'Almost Admins', 'Administrators')) #set ($IsAdminLike = $e14_utils.IsUserInRoleOrAdmin($UserId, $Roles)) #if($IsAdminLike == 'False') #end
Actions
Forum Thread Details
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 15 replies
  • Answers 1 answer
  • Subscribers 12 subscribers
  • Views 727 views
  • Users 0 members are here
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

'Blogs' tab is sick again

shabaz

Hi,

The 'blogs' tab is generating just three pulsing circles again. I've tested on home and mobile internet connections, with two different browsers, and I see the same problem.

Top Replies

Parents
  • 0

    Hi all,

    At time 21:05 UK-time 29th Sep, the blogs tab failed to load again (when using DSL), on my laptop. (EDIT: it's now 21:16, it's failing for ten minutes at least).

    As soon as this occurred, I switched off the WiFi connection on the mobile, and tried browsing to the Blogs tab using mobile Chrome. I see the same issue, so it can't be security measure related. 

    I used the whatismyip website to confirm I had a very different IP address (86.xx.xx.xx on laptop, and 148.xx.xx.xx on phone).

    Please can this issue be re-opened, because it doesn't seem to block on IP. I can supply the IP addresses if it needs to be checked against any log.

  • 0 in reply to shabaz

    I've found you in the logs. I can see what has happened but I can't answer why it has happened.

    It's based on a piece of content you both viewed which is throwing a false positive.

    It's late now so I won't do it now, but in the morning I'll pull that module.

  • 0 in reply to Dudley

    I've looked again today with a wakeful mind, and I can see what happened here, and made a small tweak.

    Can you shout loudly if you get this again   &  

  • 0 in reply to Dudley

    Will do.  Makes us sound a little dodgy actually Grinning : can you not explain more about what the issue is?

Reply Children
  • 0 in reply to Andrew J
    Andrew J said:
    can you not explain more about what the issue is?

    A piece of content that is being viewed, is being assessed when it's being viewed by protection mechanisms.

    Those protection mechanisms, are flagging it as a false positive against whoever views it.

    The viewer then gets punished by the protection mechanisms, because it's incorrectly flagged as a false positive, even though it should be fine.

    Dudley raised this with the vendor of the protection mechanisms because it shouldn't be behaving that way.

    There's not a lot of decent fuzzy logic in these things it seems, in a world of dynamic IP addresses for example, the vendor might say "hey, just whitelist that IP address" and you turn around and go "Have you seen home IP addresses? when are they ever static?" which points out how silly they are.

    Similar to false positives in content, "Oh just whitelist that content" Yeah, but, how about you change how it identifies the content instead?

    And so it then takes time for the vendor to fix it, and while that goes on, Dudley removes or disables the 'module' in the protection mechanism to prevent the problem, all the while making the site a bit vulnerable, unfortunately, while it's removed.

    Dudley had tried to change the settings to prevent it from triggering a false positive, sadly that didn't work on this occasion, and the symptoms of it ended up being pretty bad for anyone browsing the site.