CyberHosting

Fixing error_message": "Session reuse detected, IPAddress logged

{"errorMessage": "Session reuse detected, IPAddress logged.", "error_message": "Session reuse detected, IPAddress logged."}

Can you point me how to fix/disable this?

My IP is dynamic, so every now and then it will be changed by my ISP. Sometimes it's minutes, and it can be hours.

Before (1.8.6 or older) this is not a problem.

Comments

  • Do you want to remove this limitation?
  • I have the same problem, I have to go straight, only a vps is not accessible. How to troubleshoot this issue
  • edited August 30
    If your IP change frequently and you don't need this protection, you can edit this file

    https://github.com/usmannasir/cyberpanel/blob/1.8.0/CyberCP/secMiddleware.py

    Remove line 11-40.

    On server this file is available at /usr/local/CyberCP/CyberCP

    then systemctl restart lscpd
  • edited July 31
    I did the procedure, but in the browser returns error 500 (solved - it was my mistake)
  • Thanks Cyber Panel got it.
    after I started giving this problem I would switch panels, but there is no better panel with this support.
  • pls fix it
    I same err
    after remove line 11-40, i don't use cyberpanel access anybutton
  • please fix that problem, :( still can not working anymore
  • Surely the more professional look would be to redirect to the login page rather than just showing an error message like that?

  • edited September 13

    If your IP change frequently and you don't need this protection, you can edit this file

    https://github.com/usmannasir/cyberpanel/blob/1.8.0/CyberCP/secMiddleware.py

    Remove line 11-40.

    On server this file is available at /usr/local/CyberCP/CyberCP

    then systemctl restart lscpd

    How can i edit that file on my server? im not know that :(
  • edited September 13

    I did the procedure, but in the browser returns error 500 (solved - it was my mistake)

    i got error: 500
    what's next?
  • edited September 14
    @anhtuan

    It is possible that you remove some additional lines from secMiddleware.py which is why you are getting 500 error.
  • edited September 14

    @anhtuan

    It is possible that you remove some additional lines from settings.py which is why you are getting 500 error.

    please lest me now for fix that! which line to remove in setting.py?. so now im swicth to vpssim.
  • edited September 14
    In your secMiddleware.py file remove these lines
            try:
    uID = request.session['userID']
    ipAddr = request.META.get('REMOTE_ADDR')

    if ipAddr.find('.') > -1:
    if request.session['ipAddr'] == ipAddr:
    pass
    else:
    del request.session['userID']
    del request.session['ipAddr']
    logging.writeToFile(request.META.get('REMOTE_ADDR'))
    final_dic = {'error_message': "Session reuse detected, IPAddress logged.",
    "errorMessage": "Session reuse detected, IPAddress logged."}
    final_json = json.dumps(final_dic)
    return HttpResponse(final_json)
    else:
    ipAddr = request.META.get('REMOTE_ADDR').split(':')[:3]

    if request.session['ipAddr'] == ipAddr:
    pass
    else:
    del request.session['userID']
    del request.session['ipAddr']
    logging.writeToFile(request.META.get('REMOTE_ADDR'))
    final_dic = {'error_message': "Session reuse detected, IPAddress logged.",
    "errorMessage": "Session reuse detected, IPAddress logged."}
    final_json = json.dumps(final_dic)
    return HttpResponse(final_json)
    except:
    pass
    Usually they are in line 11-40. Final code shoud look like
    from plogical.CyberCPLogFileWriter import CyberCPLogFileWriter as logging
    import json
    from django.shortcuts import HttpResponse

    class secMiddleware:

    def __init__(self, get_response):
    self.get_response = get_response

    def __call__(self, request):
    try:
    uID = request.session['userID']
    ipAddr = request.META.get('REMOTE_ADDR')


    if request.method == 'POST':
    try:
    #logging.writeToFile(request.body)
    data = json.loads(request.body)
    for key, value in data.iteritems():
    if request.path.find('gitNotify') > -1:
    break

    # if request.path.find('users') > -1 or request.path.find('firewall') > -1 or request.path.find('servicesAction') > -1 or request.path.find('sslForHostName') > -1:
    # logging.writeToFile(request.body)
    # final_dic = {'error_message': "Data supplied is not accepted.",
    # "errorMessage": "Data supplied is not accepted."}
    # final_json = json.dumps(final_dic)
    # return HttpResponse(final_json)

    if type(value) == str or type(value) == unicode:
    pass
    else:
    continue

    if request.build_absolute_uri().find('saveSpamAssassinConfigurations') > -1 or request.build_absolute_uri().find('docker') > -1 or request.build_absolute_uri().find('cloudAPI') > -1 or request.build_absolute_uri().find('filemanager') > -1 or request.build_absolute_uri().find('verifyLogin') > -1 or request.build_absolute_uri().find('submitUserCreation') > -1:
    continue
    if key == 'ports' or key == 'imageByPass' or key == 'passwordByPass' or key == 'cronCommand' or key == 'emailMessage' or key == 'configData' or key == 'rewriteRules' or key == 'modSecRules' or key == 'recordContentTXT' or key == 'SecAuditLogRelevantStatus' or key == 'fileContent':
    continue
    if value.find(';') > -1 or value.find('&&') > -1 or value.find('|') > -1 or value.find('...') > -1 \
    or value.find("`") > -1 or value.find("$") > -1 or value.find("(") > -1 or value.find(")") > -1 \
    or value.find("'") > -1 or value.find("[") > -1 or value.find("]") > -1 or value.find("{") > -1 or value.find("}") > -1\
    or value.find(":") > -1 or value.find("<") > -1 or value.find(">") > -1:
    logging.writeToFile(request.body)
    final_dic = {'error_message': "Data supplied is not accepted.",
    "errorMessage": "Data supplied is not accepted."}
    final_json = json.dumps(final_dic)
    return HttpResponse(final_json)
    if key.find(';') > -1 or key.find('&&') > -1 or key.find('|') > -1 or key.find('...') > -1 \
    or key.find("`") > -1 or key.find("$") > -1 or key.find("(") > -1 or key.find(")") > -1 \
    or key.find("'") > -1 or key.find("[") > -1 or key.find("]") > -1 or key.find("{") > -1 or key.find("}") > -1\
    or key.find(":") > -1 or key.find("<") > -1 or key.find(">") > -1:
    logging.writeToFile(request.body)
    final_dic = {'error_message': "Data supplied is not accepted.", "errorMessage": "Data supplied is not accepted."}
    final_json = json.dumps(final_dic)
    return HttpResponse(final_json)
    except BaseException, msg:
    logging.writeToFile(str(msg))
    response = self.get_response(request)
    return response
    response = self.get_response(request)
    return response

    and this file is available at /usr/local/CyberCP/CyberCP
  • @CyberPanel : line 11 is: try
    and line 40 is: pass
    https://43.224.33.39:8090/websites/
    Error 500 here
  • Create ticket and mention ticket number here.
  • Create ticket and mention ticket number here.

    Ticket #5FJ7PV thanks
Sign In or Register to comment.
CyberPanel Discord

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!