来自具有匿名访问权限的SharePoint网站的HTTP未经授权的蛮力攻击警报 [英] HTTP Unauthorized Brute force attack alert from SharePoint site with Anonymous access
本文介绍了来自具有匿名访问权限的SharePoint网站的HTTP未经授权的蛮力攻击警报的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有一个面向公众的网站,例如在SharePoint中开发的www.abc.com 2013仅具有匿名访问权限,并且为了管理内容,我使用
集成 Windows身份验证,称为 www.abc.com with
匿名访问时,SharePoint搜索会找到内容,但由于未发布内容而引发401错误.如果您使用Chrome DevTools(从控制台标签中)调试搜索结果页,则可以跟踪此错误.有人可以请教,这是正常现象吗
匿名访问的SharePoint搜索的概念还是与访问设置有关?出于网络安全原因,我需要清除此蛮力攻击警报.谢谢.
I have a public facing site, say www.abc.com developed in SharePoint 2013 with anonymous access only and for managing content, I extended the same site with
integrated windows authentication, call it support.abc.com.
After configuring the search, our firewall Palo Alto has detected HTTP unauthorized brute force attack threat from the SharePoint site www.abc.com when the anonymous user tries to search for an unpublished content. After analyzing, we found that
the root cause for this threat is an http 401 unauthorized error from SharePoint which fires multiple times in 60 seconds and firewall announce it as brute force attack. When user tries to search for an unpublished article content from the site www.abc.com with
anonymous access, SharePoint search find the content but throws 401 error as the content is not published. This error can be tracked if you debug the search result page with Chrome DevTools (from console tab). Can someone please advise, Is this a normal behavior
of SharePoint search with anonymous access or is it something related to access settings? For the network security reason, I need to clear this brute force attack alert.Thanks in advance.
推荐答案
会有多个请求对于单个"向最终用户显示的请求.这可能会返回多个401.这是正常的.
There would be multiple requests for a "single" request as it appears to the end user. This may return multiple 401s. This would be normal.
这篇关于来自具有匿名访问权限的SharePoint网站的HTTP未经授权的蛮力攻击警报的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
