User-Agent SRC: User-Agent: Mozilla/5.0

Hello

since the new version we got serious problem with out hosting provider. It seems that WA sends a lot more requests to the server. Due this we get locked out because it seems like an DDoS. After some talking with the SysAdmin we figured out that the UserAgent which is sent from WA is kind of often used through attacks:
User-Agent: Mozilla/5.0
Which leads to lock outs.

May you please change the user agent to something more specific, like WorklogAssiastantJiraConnector/1.0

This will prevent that our (and I assume may others) alarm system from locking me out.

See here the full Log from a WA request:

Sensor Name: sos1-eth1
Timestamp: 2016-09-01 18:14:20
Connection ID: CLI
Src IP: 77.58.12.94 (77-58-12-94.dclient.hispeed.ch)
Dst IP: 217.111.xxx.88 (chbslds016.xxxxx)
Src Port: 50390
Dst Port: 80
OS Fingerprint: 77.58.12.94:50390 - UNKNOWN
[65535:57:1:64:M1420,N,W5,N,N,T,S,E:P:?:?] (up: 929 hrs)
OS Fingerprint: -> 217.111.138.88:80 (link: unknown-1460)

SRC: GET /images/icons/issuetypes/bug.png HTTP/1.1
SRC: Cookie:
atlassian.xsrf.token=BSMS-03G5-9T4A-F9S8|063d63299ae3cf0153c33bf37342cee26ec1e8f2|lout
SRC: Connection: Keep-Alive
SRC: Accept-Encoding: gzip, deflate
SRC: Accept-Language: en-US,*
SRC: User-Agent: Mozilla/5.0
SRC: Host: jira.esense.ch
SRC:
SRC:
DST: HTTP/1.1 200 OK
DST: Server: nginx
DST: Date: Thu, 01 Sep 2016 18:14:21 GMT
DST: Content-Type: image/png
DST: Content-Length: 1017
DST: Connection: keep-alive
DST: X-AREQUESTID: 1214x156104x1
DST: Cache-Control: max-age=31536000
DST: X-ASEN: SEN-5487803
DST: X-AUSERNAME: anonymous
DST: X-Content-Type-Options: nosniff
DST: Accept-Ranges: bytes
DST: ETag: W/"1017-1434447290000"
DST: Last-Modified: Tue, 16 Jun 2015 09:34:50 GMT
1 person has
this problem
+1
Reply