Chris
Offline
Post Count: 112
6 May 2022 17:05
Hey there
Just to explain these emails: to aide development we have the system send emails to the support address (set in the zenario_siteconfig.php file). They're designed to alert us if a visitor is browsing our sites and encounters an error.
They were never intended to be an alert that one of our sites is being probed or is under attack. However if an attacker does find something that generates an error, that can often trigger these emails.
The email you've shown there is very similar to one we sometimes see as well. It references a bit of code where we're trying to check someone's session ID is valid.
This is just a guess, but maybe this is part of a standard attack script that attacks sometimes choose to run? However we don't actually know how to reproduce the attack "in the lab" and trigger the error by our own doing.
I'm sorry that's not a definitive answer.
Mike
Offline
Post Count: 10
8 May 2022 03:46
That helps and as I expected. I have not encountered any further alerts and as I stated - might have been my outdated version of PHP .. I think that site was running 7.3 ... thx again...
michilex74
Offline
Post Count: 1
12 Jan 2023 10:08
Useful information
I received this error via email from Zenario Website.
77.68.12.91 accessing /session_regenerate_id(): Cannot regenerate session id - session is not active
in /homepages/44/d863168580/htdocs/midway/zenario/autoload/cookie.php
at line 167
Made me check the version of php I was running and it called for and update - I moved to 8.0 ...suggestions?
Not sure if this was an attack attempt or an error due to version control?
THX
Mike