Help CentreTroubleshooting Common troubleshooting queriesI am receiving errors on my website when using SuperControl API

I am receiving errors on my website when using SuperControl API

This may not always be the case but errors can be caused by malicious code which gets blocked by SuperControls Web Application Firewall (WAF).

You will need to pass this information to your web developer to ensure the errors don't persist.

SuperControl is protected by a sophisticated Web Application Firewall (WAF).  The WAF automatically blocks any potentially dangerous requests to our systems, including SQL injection and cross-site scripting.

It is common for bad bot to scan websites looking for vulnerabilities.  Clients using the SuperControl API should sanitise any malicious input before sending requests to our servers.  If the WAF detects a volume of malicious requests your website will be blocked for at least 24 hours.  In many cases this will cause the elements of your website that use the SuperControl API to fail.

It isn't possible to whitelist IP addresses because we have to protect all of our systems.

Some common examples where malicious code has been injected causing the WAF to block:

?siteID=1234&cottageID=4567%20and%201%3d1

?propertycode=4567%20and%201%3d1&startdate=2017-11-01&enddate=2018-10-31

We recommend protecting websites using proxy services like Cloudflare or Incapsula as well as enforcing strict validation of data.

0 Comments

How can we make this page better for you?

E-Mail me when someone replies to this comment