In this release we will deploy a new fail2ban rule that will block IPs based on repeated requests to the /paypal/transparent/requestSecureToken/ endpoint of the PayPal Payflow extension. Malicious requests to this endpoint seem to be able to cause a denial of service by letting the shop issue a suspiciously large amount of test authorizations even when the module is disabled under certain circumstances. We have seen a large amount of probes attempting to test for this vulnerability between the 16th of February and the night of the 18th across our platform. After this change we will use adaptive filtering to put any IPs in the firewall that do a sufficiently large amount of requests to this URL.
close
Please select the panel you are using
New Control Panel
Login with email