-
Notifications
You must be signed in to change notification settings - Fork 147
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
False positive crowdsecurity/http-bad-user-agent #866
Comments
sanvu88
changed the title
Fclearalse positive
Fclearalse positive crowdsecurity/http-bad-user-agent
Oct 31, 2023
sanvu88
changed the title
Fclearalse positive crowdsecurity/http-bad-user-agent
False positive crowdsecurity/http-bad-user-agent
Oct 31, 2023
Sorry it took sometime round to this issue, can you explain which scenario it triggered as that is not included within the report? I guess Edit: didnt read title sorry |
These lines in our seclists will cause the ban: I will create a PR to be removed |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
coccocbot is a bot of the coccoc search engine from Vietnam. I don't know why it is on the blacklist?
╭─────────────────┬───────────────────────────────────────────────────────────────────────────────────╮ │ Key │ Value │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ ASNNumber │ 45899 │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ ASNOrg │ VNPT Corp │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ IsInEU │ false │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ IsoCode │ VN │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ SourceRange │ 103.131.68.0/22 │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ datasource_path │ /home/web/logs/access/access.log │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ datasource_type │ file │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ http_args_len │ 0 │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ http_path │ / │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ http_status │ 444 │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ http_user_agent │ Mozilla/5.0 (compatible; coccocbot-web/1.0; +http://help.coccoc.com/searchengine) │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ http_verb │ GET │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ log_type │ http_access-log │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ service │ http │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ source_ip │ 103.131.71.85 │ ├─────────────────┼───────────────────────────────────────────────────────────────────────────────────┤ │ timestamp │ 2023-10-31T08:20:20+07:00 │ ╰─────────────────┴───────────────────────────────────────────────────────────────────────────────────╯
The text was updated successfully, but these errors were encountered: