Regular ActionController::InvalidAuthenticityToken exceptions - Rails
I have a Rails 4.2.6 app (Devise is also running) in production with the exception_notification gem installed and working. I'm getting waves of hundreds of ActionController::InvalidAuthenticityToken
errors (example below), typically 2-3 per minute for hours at a time. I'm not very focused on the security side of Rails, but I'm guessing this is a bot attempting a CSRF attack of some form.
It always comes from the same IP address (107.15.69.216), which looks like one from Raleigh, North Carolina, USA.
Is it a bot?
And do I need to do something about it, or is the error simply evidence that Devise's CSRF protection is working the way it should?
An ActionController::InvalidAuthenticityToken occurred in registrations#create:
ActionController::InvalidAuthenticityToken
-------------------------------
Request:
-------------------------------
* URL : https://xxx.xxx.xxx.xxx/
* HTTP Method: POST
* IP address : 107.15.69.216
* Parameters : {"Q/Zcl9vJY8K1NPSRoHXnCQrZaPF8pu/uXVPyCfW8RnAQclIPvjOvpXqFLY TPUg9uBDmGWG5lMd8vzgSuGw79LAE d03xLFVtA/JUrX7cKmb3u Wrd7xS2LsMlSj2zAvtxmSPkGpoKR8e1p/XAQ exuiMte/fyXnLSrVjMfmzpNNxr7MSamyRHFVQan3LaxMJUq 02h4D1L4psFwbwl9k27W45G8FT9LaS2HG7g7y/rsxAon8ovLUgQNY2HcRMf7XlZxmxK20kDWfcLLn8DrpwY/bSW6mGsxAgD0CkapGj5LU7Smg5FvtR5qFn7q Ey9F0YdlMpE5/MqYWQNINgpzIxokxY1JyEdg5WphcGExuXjPDN3ChYUrkZG4h PAe7LuaGSQjyTOY/K4/O/iLODlBcM EqxCVZY8J04"=>nil, "controller"=>"registrations", "action"=>"create"}
* Timestamp : 2017-01-12 14:00:54 UTC
* Server : sgp1-iml-01
* Rails root : /home/app-name-deploy/apps/app-name/releases/20161212034105
* Process: 11031
-------------------------------
Session:
-------------------------------
* session id: [FILTERED]
* data: {}
-------------------------------
Environment:
-------------------------------
* CONTENT_LENGTH : 420
* CONTENT_TYPE : application/x-www-form-urlencoded
* GATEWAY_INTERFACE : CGI/1.2
* HTTP_CACHE_CONTROL : no-cache
* HTTP_CONNECTION : close
* HTTP_HOST : xxx.xxx.xxx.xxx
* HTTP_USER_AGENT : Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
* HTTP_VERSION : HTTP/1.0
* HTTP_X_FORWARDED_FOR : 107.15.69.216
* HTTP_X_FORWARDED_PROTO : https
* ORIGINAL_FULLPATH :/
* ORIGINAL_SCRIPT_NAME :
* PATH_INFO :/
* QUERY_STRING :
* REMOTE_ADDR : 127.0.0.1
* REQUEST_METHOD : POST
* REQUEST_PATH :/
* REQUEST_URI :/
* ROUTES_42047240_SCRIPT_NAME :
* SCRIPT_NAME :
* SERVER_NAME : xxx.xxx.xxx.xxx
* SERVER_PORT : 443
* SERVER_PROTOCOL : HTTP/1.1
* SERVER_SOFTWARE : puma 3.6.0 Sleepy Sunday Serenity
* action_controller.instance : #<RegistrationsController:0x00000006f6a0d0>
* action_dispatch.backtrace_cleaner : #<Rails::BacktraceCleaner:0x00000005458648>
* action_dispatch.cookies : #<ActionDispatch::Cookies::CookieJar:0x00000006f537b8>
* action_dispatch.cookies_digest :
* action_dispatch.cookies_serializer : json
* action_dispatch.encrypted_cookie_salt : encrypted cookie
* action_dispatch.encrypted_signed_cookie_salt : signed encrypted cookie
* action_dispatch.http_auth_salt : http authentication
* action_dispatch.key_generator : #<ActiveSupport::CachingKeyGenerator:0x00000006945560>
* action_dispatch.logger : #<ActiveSupport::Logger:0x00000006d22570>
* action_dispatch.parameter_filter : [:password]
* action_dispatch.redirect_filter : []
* action_dispatch.remote_ip : 107.15.69.216
* action_dispatch.request.content_type : application/x-www-form-urlencoded
* action_dispatch.request.formats : [#<Mime::Type:0x000000053404e0 @synonyms=["application/xhtml+xml"], @symbol=:html, @string="text/html", @hash=672552242721212245>]
* action_dispatch.request.parameters : {"Q/Zcl9vJY8K1NPSRoHXnCQrZaPF8pu/uXVPyCfW8RnAQclIPvjOvpXqFLY TPUg9uBDmGWG5lMd8vzgSuGw79LAE d03xLFVtA/JUrX7cKmb3u Wrd7xS2LsMlSj2zAvtxmSPkGpoKR8e1p/XAQ exuiMte/fyXnLSrVjMfmzpNNxr7MSamyRHFVQan3LaxMJUq 02h4D1L4psFwbwl9k27W45G8FT9LaS2HG7g7y/rsxAon8ovLUgQNY2HcRMf7XlZxmxK20kDWfcLLn8DrpwY/bSW6mGsxAgD0CkapGj5LU7Smg5FvtR5qFn7q Ey9F0YdlMpE5/MqYWQNINgpzIxokxY1JyEdg5WphcGExuXjPDN3ChYUrkZG4h PAe7LuaGSQjyTOY/K4/O/iLODlBcM EqxCVZY8J04"=>nil, "controller"=>"registrations", "action"=>"create"}
* action_dispatch.request.path_parameters : {:controller=>"registrations", :action=>"create"}
* action_dispatch.request.query_parameters : {}
* action_dispatch.request.request_parameters : {"Q/Zcl9vJY8K1NPSRoHXnCQrZaPF8pu/uXVPyCfW8RnAQclIPvjOvpXqFLY TPUg9uBDmGWG5lMd8vzgSuGw79LAE d03xLFVtA/JUrX7cKmb3u Wrd7xS2LsMlSj2zAvtxmSPkGpoKR8e1p/XAQ exuiMte/fyXnLSrVjMfmzpNNxr7MSamyRHFVQan3LaxMJUq 02h4D1L4psFwbwl9k27W45G8FT9LaS2HG7g7y/rsxAon8ovLUgQNY2HcRMf7XlZxmxK20kDWfcLLn8DrpwY/bSW6mGsxAgD0CkapGj5LU7Smg5FvtR5qFn7q Ey9F0YdlMpE5/MqYWQNINgpzIxokxY1JyEdg5WphcGExuXjPDN3ChYUrkZG4h PAe7LuaGSQjyTOY/K4/O/iLODlBcM EqxCVZY8J04"=>nil}
* action_dispatch.request.unsigned_session_cookie: {}
* action_dispatch.request_id : b8c1d2ef-0272-4e58-928d-8d02e8c5ad28
* action_dispatch.routes : #<ActionDispatch::Routing::RouteSet:0x00000005032e10>
* action_dispatch.secret_key_base : 72399ae7d71631b9bf5c19fe5e63e6e6c7163f37cdf8d1bb853cb77b53b6de0d20ce168a0e4a6fc87fadeb09b122a30d09ff9103f2f05a6bd5660c4c00f57392
* action_dispatch.secret_token :
* action_dispatch.show_detailed_exceptions : false
* action_dispatch.show_exceptions : true
* action_dispatch.signed_cookie_salt : signed cookie
* devise.mapping : #<Devise::Mapping:0x00000006939c60>
* puma.config : #<Puma::Configuration:0x00000002f1e940>
* puma.socket : #<UNIXSocket:0x00000006f768a8>
* rack.after_reply : []
* rack.errors : #<File:0x0000000230dac0>
* rack.hijack : #<Puma::Client:0x00000006f76880>
* rack.hijack? : true
* rack.input : #<StringIO:0x00000006f762b8>
* rack.multiprocess : false
* rack.multithread : true
* rack.request.cookie_hash : {}
* rack.request.form_hash : {"Q/Zcl9vJY8K1NPSRoHXnCQrZaPF8pu/uXVPyCfW8RnAQclIPvjOvpXqFLY TPUg9uBDmGWG5lMd8vzgSuGw79LAE d03xLFVtA/JUrX7cKmb3u Wrd7xS2LsMlSj2zAvtxmSPkGpoKR8e1p/XAQ exuiMte/fyXnLSrVjMfmzpNNxr7MSamyRHFVQan3LaxMJUq 02h4D1L4psFwbwl9k27W45G8FT9LaS2HG7g7y/rsxAon8ovLUgQNY2HcRMf7XlZxmxK20kDWfcLLn8DrpwY/bSW6mGsxAgD0CkapGj5LU7Smg5FvtR5qFn7q Ey9F0YdlMpE5/MqYWQNINgpzIxokxY1JyEdg5WphcGExuXjPDN3ChYUrkZG4h PAe7LuaGSQjyTOY/K4/O/iLODlBcM EqxCVZY8J04"=>nil}
* rack.request.form_input : #<StringIO:0x00000006f762b8>
* rack.request.form_vars : [FILTERED]
* rack.request.query_hash : {}
* rack.request.query_string :
* rack.run_once : false
* rack.session : #<ActionDispatch::Request::Session:0x00000006f6bea8>
* rack.session.options : #<ActionDispatch::Request::Session::Options:0x00000006f6be08>
* rack.url_scheme : http
* rack.version : [1, 3]
* warden : Warden::Proxy:58416640 @config={:default_scope=>:user, :scope_defaults=>{}, :default_strategies=>{:user=>[:rememberable, :database_authenticatable]}, :intercept_401=>false, :failure_app=>#<Devise::Delegator:0x00000007b40dc8>}
Thanks
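The report above has the shape every exception_notification e-mail uses: a first line naming the exception and the controller action, then `* Key : value` lines for the request and the session. As an added example (not code from the original question, nor from the exception_notification or rack-attack projects), the Ruby script below parses that header format, counts InvalidAuthenticityToken events per source IP and per minute, and labels each event by whether it could have come from a form the app rendered. The sample records, the `sample_notification` helper and the IPs from the 203.0.113.0/24 documentation range are all constructed for the example; the field names it reads (`IP address`, `Timestamp`, `Parameters`, `data`) are the ones visible in the report.

```ruby
require "time"

# Matches the "* Key : value" lines exception_notification emits under
# "Request:", "Session:" and "Environment:". The key is taken non-greedily up
# to the first colon so values such as URLs keep their own colons.
NOTIFICATION_LINE = /\A\* (?<key>[^:]+?)\s*:\s*(?<value>.*)\z/

# Parse one notification body into the fields worth triaging on.
def parse_notification(text)
  record = {}
  text.each_line do |raw|
    line = raw.strip
    if (m = line.match(/\AAn (?<exc>\S+) occurred in (?<where>\S+):\z/))
      record[:exception] = m[:exc]
      record[:where] = m[:where]
    elsif (m = line.match(NOTIFICATION_LINE))
      case m[:key]
      when "IP address"  then record[:ip] = m[:value]
      when "HTTP Method" then record[:method] = m[:value]
      when "Timestamp"   then record[:at] = Time.parse(m[:value])
      # "data: {}" under Session means the request carried no usable session,
      # so no stored CSRF token existed for Rails to compare against.
      when "data"        then record[:session_empty] = (m[:value] == "{}")
      when "Parameters"  then record[:has_token] = m[:value].include?("authenticity_token")
      end
    end
  end
  record
end

# Heuristic label for one rejected request. A POST with an empty session and
# no authenticity_token parameter cannot have come from a form this app
# rendered (the form would carry the hidden token and the browser the session
# cookie), so it is a scripted request; Rails rejecting it is the protection
# working. A request that does carry a token is more likely a real user whose
# session or token went stale and deserves a friendlier error page.
def classify(record)
  if record[:session_empty] && !record[:has_token]
    :scripted_post
  elsif record[:has_token]
    :stale_or_mismatched_token
  else
    :unknown
  end
end

# Count InvalidAuthenticityToken events per (IP, minute) and return the IPs
# whose busiest minute reached +per_minute+ events, highest count first.
def suspicious_sources(records, per_minute: 2)
  buckets = Hash.new(0)
  records.each do |r|
    next unless r[:exception] == "ActionController::InvalidAuthenticityToken"
    minute = r[:at].utc.strftime("%Y-%m-%d %H:%M")
    buckets[[r[:ip], minute]] += 1
  end
  peak = Hash.new(0)
  buckets.each { |(ip, _minute), n| peak[ip] = n if n > peak[ip] }
  peak.select { |_ip, n| n >= per_minute }.sort_by { |ip, n| [-n, ip] }.to_h
end

# Constructed helper: builds a report in the same layout as the real gem output.
def sample_notification(ip:, at:, params:, session: "{}")
  <<~TEXT
    An ActionController::InvalidAuthenticityToken occurred in registrations#create:
    -------------------------------
    Request:
    -------------------------------
    * URL : https://app.example/
    * HTTP Method: POST
    * IP address : #{ip}
    * Parameters : #{params}
    * Timestamp : #{at}
    -------------------------------
    Session:
    -------------------------------
    * session id: [FILTERED]
    * data: #{session}
  TEXT
end

# Constructed sample data: three token-less POSTs from one source within two
# minutes, plus one user whose form still carried a (stale) token.
SAMPLES = [
  sample_notification(ip: "203.0.113.10", at: "2017-01-12 14:00:54 UTC",
                      params: '{"aGVsbG8gd29ybGQ"=>nil, "controller"=>"registrations", "action"=>"create"}'),
  sample_notification(ip: "203.0.113.10", at: "2017-01-12 14:01:12 UTC",
                      params: '{"c2NyaXB0ZWQ"=>nil, "controller"=>"registrations", "action"=>"create"}'),
  sample_notification(ip: "203.0.113.10", at: "2017-01-12 14:01:40 UTC",
                      params: '{"cmVxdWVzdA"=>nil, "controller"=>"registrations", "action"=>"create"}'),
  sample_notification(ip: "203.0.113.77", at: "2017-01-12 14:05:03 UTC",
                      params: '{"authenticity_token"=>"[FILTERED]", "controller"=>"registrations", "action"=>"create"}',
                      session: '{"_csrf_token"=>"[FILTERED]"}'),
]

if $PROGRAM_NAME == __FILE__
  records = SAMPLES.map { |t| parse_notification(t) }
  suspicious_sources(records).each { |ip, n| puts "#{ip}: peak #{n} rejected POSTs in one minute" }
  records.each { |r| puts "#{r[:ip]} -> #{classify(r)}" }
end
```

Fed the real notifications (for example from the mailbox exception_notification delivers to), the script answers the two questions in the post from the data rather than from guesswork: a source that repeatedly posts without a session and without a token is scripted traffic that the CSRF check is already blocking, and the per-minute counts give a concrete threshold to hand to a throttle such as rack-attack if the noise itself becomes the problem.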
Thanks for the answer. I have the line "<%= csrf_meta_tags %>" in the layout. The rack-attack gem looks interesting. I'll check it out, thanks. – slehmann36