Visiting DA-page results in message in DA/security.log

[BBM]

After I (thought) I linked my ipv6 to my ip4, everytime I view the following DA-page;
CMD_IP_MANAGER_DETAILS?ip=<my_server_main_ipv6_IP>

... a new message is generated in;

/var/log/directadmin/security.log

2014:07:17-22:49:54: Found one of block_token_chars in token ip=<my_server_ipv6_IP> (ascii 58) from 83.87.x.x with request /CMD_IP_MANAGER_DETAILS
2014:07:17-22:52:19: Found one of block_token_chars in token ip=<my_server_ipv6_IP> (ascii 58) from 83.87.x.x with request /CMD_IP_MANAGER_DETAILS
2014:07:17-22:52:25: Found one of block_token_chars in token ip=<my_server_ipv6_IP> (ascii 58) from 83.87.x.x with request /CMD_IP_MANAGER_DETAILS
2014:07:17-23:02:42: Found one of block_token_chars in token ip=<my_server_ipv6_IP> (ascii 58) from 83.87.x.x with request /CMD_IP_MANAGER_DETAILS
2014:07:17-23:02:48: Found one of block_token_chars in token ip=<my_server_ipv6_IP> (ascii 58) from 83.87.x.x with request /CMD_IP_MANAGER_DETAILS

If I refresh the DA-page, say 5 times, then also 5 lines are added to the log.

Not sure what to think of it, maybe it's a little bug or not.
Just thought I'd mention it.

 

[zEitEr]

Hello,

This is what directadmin.conf has regarding the matter:

block_token_chars=$[]<>:#

Values that are not permitted to be passed between pages via GET for the tokens.
There is a newline character in there as well, in the internal values. Can't add newline if you override it due to configfile limitations.

http://help.directadmin.com/item.php?id=284

So to bypass it you might need to add the line into directadmin.conf without : and restart directadmin.


p.s. as it might require changes in directadmin the thread is now moved into "Feedback & Feature Requests" subforum.

 

[BBM]

Thanks for the clarification Alex.
So I understand the error/warning message is generated just because there is an IPv6 in the URL, which ofcourse has ':' characters in it.