Hmmm, the root cause is that ValueError, which you should not be getting. A request to an invalid URL should never generate a 500. Something somewhere is going wrong, and the emails are a symptom of it.
What was the installation method for Review Board? (e.g., pip?) Is there anything non-default about your setup? Christian On Mon, Jan 24, 2022 at 08:51 Josh Davis <josh...@gmail.com> wrote: > Hello, > > I have ReviewBoard 4.0.4 installed. Our organization has a Nessus > vulnerability scanner and every time it scans ReviewBoard, I am bombarded > with error emails as the scanner tries every vulnerability it can think of. > A single scan might generate 500+ emails that look like this: > SUBJECT: [Review Board] ERROR (EXTERNAL IP): Internal Server Error: / > index.pl > MESSAGE: > Internal Server Error: /index.pl > > ValueError at /index.pl > The file 'rb/images/favicon_notify.ico' could not be found with > <pipeline.storage.PipelineCachedStorage object at 0x7f80ac9d0c50>. > > Request Method: GET > Request URL: http://XXXXredactedXXXX/index.pl > Django Version: 1.11.29 > Python Executable: /usr/bin/python3 > Python Version: 3.6.8 > Python Path: ['/var/www/html/conf', '/usr/lib64/python36.zip', > '/usr/lib64/python3.6', '/usr/lib64/python3.6/lib-dynload', > '/usr/local/lib64/python3.6/site-packages', > '/usr/local/lib/python3.6/site-packages', > '/usr/lib64/python3.6/site-packages', '/usr/lib/python3.6/site-packages'] > Server time: Mon, 24 Jan 2022 10:31:23 -0600 > ... > Of course the subject will change to whatever vulnerability the scanner is > trying such as: > > - /cgi-sys/defaultwebpage.cgi > - /ucsm/isSamInstalled.cgi > - /system/login > > From what I've found, this is caused by django trying to be helpful. I'm > wondering if there is a way to disable this "feature". I don't mind it > logging the errors, but I can't figure out how to disable it emailing me > without completely disabling email. > > -- > Supercharge your Review Board with Power Pack: > https://www.reviewboard.org/powerpack/ > Want us to host Review Board for you? Check out RBCommons: > https://rbcommons.com/ > Happy user? Let us know! https://www.reviewboard.org/users/ > --- > You received this message because you are subscribed to the Google Groups > "Review Board Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to reviewboard+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/reviewboard/eb75c5c2-408b-422a-adce-80cdcd9a13den%40googlegroups.com > <https://groups.google.com/d/msgid/reviewboard/eb75c5c2-408b-422a-adce-80cdcd9a13den%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- -- Christian Hammond President/CEO of Beanbag Makers of Review Board -- Supercharge your Review Board with Power Pack: https://www.reviewboard.org/powerpack/ Want us to host Review Board for you? Check out RBCommons: https://rbcommons.com/ Happy user? Let us know! https://www.reviewboard.org/users/ --- You received this message because you are subscribed to the Google Groups "Review Board Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/reviewboard/CAE7VndmujSxEbkQei%2BKx3vtnGaZLUzyzyQv9e8ONmYS9TydWUg%40mail.gmail.com.
