Is my Piwik compromised? #12504
Comments
Piwik's integrity checks show everything is fine (except one function I've disabled on purpose, nothing strange is there).
Is Piwik 'phoning home' whenever we log in? Update: there are definitely strange GET requests from those IPs above in my logs... I doubt this is Piwik/Matomo API related, for example:
(note: ************ URL removed by me, IP anonymised by me)
@dev-101 The URL you posted is a "normal" tracking request.
Hi Stefan, I don't use cron, so that explains this - thanks. However, why is Piwik not returning my username? Instead it always returns 'anonymous'. It started happening 2 days ago, out of the blue. I haven't made any changes, file integrity is OK, so nothing suspicious. Yet, this line required by my plugin no longer works properly. Why?
That line should return the currently logged in user. At which position do you call the method?
Here's the initial code (again, everything was working fine until recently, and nothing was changed in my systems that should affect this behavior):
At the time you are logging this, the authentication has not been executed yet AFAIK (so it is all good)
Hi, but it was working just fine - how can we explain that? And the logging line was called after the $login = Piwik::getCurrentUserLogin(); line. I am really puzzled by this now. What would be the proper way to check if the user is logged in, then, every time Piwik is called? OK, I got confused for a moment, of course it is not, because the next line is this:
Now, if I switch to Login.authenticate it works, but I need to execute it every time Piwik is called, not just at login. Again, it was working fine before.
In your example above you typically want to move the "if" statement and this logic into your
Thanks Mat, it fixed my issues completely. I am still not sure why this worked for months and then suddenly stopped, but sorry for the false alarm about security. Regards
Piwik 3.2.1, Matomo 3.3.0
Thanks to a small custom plugin I use and the fact it got broken out of the blue, during a tedious debugging session (as there was nothing in the logs!) I've noticed that my account is recognized as 'anonymous' instead of super admin. Then... I saw this in the logs as soon as I was logged in:
This IP 62.12.78.130 is NOT MINE!
All IP variants (so far): (edit/update: IPs are anonymised by me)
*.12.78.130
*.185.183.24
*.68.101.168
*.208.213.133
What is going on? Any ideas? Why am I recognized as anonymous after login? On 3 different servers, 3 different PHP/Server versions, mixed Piwik 3.2.1 / 3.3.0 (upgrade didn't resolve the issue).
Thanks