diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/networking.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/networking.c b/src/networking.c index 574773b37..f633b41a4 100644 --- a/src/networking.c +++ b/src/networking.c @@ -3615,7 +3615,13 @@ void securityWarningCommand(client *c) { time_t now = time(NULL); if (llabs(now-logged_time) > 60) { - serverLog(LL_WARNING,"Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection aborted."); + char ip[NET_IP_STR_LEN]; + int port; + if (connAddrPeerName(c->conn, ip, sizeof(ip), &port) == -1) { + serverLog(LL_WARNING,"Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection aborted."); + } else { + serverLog(LL_WARNING,"Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection from %s:%d aborted.", ip, port); + } logged_time = now; } freeClientAsync(c); |