sententia
Home    Blog

Connection Reset, Connection Error, SRX Firewall, CrystalTech, Insite Creation CMS

It turns out that the hosting service, www.crystaltech.com, began employing a new SRX Firewall which was put in place to prevent SQL injection attacks but causes problems with some CMSs.  From tech support,
Hello,
I see that you have been having some issues with a "Connection Reset" error on the site.  The Symptoms you describe seem to be an issue with the connection being reset by the SRX Firewall, this firewall was put in place to prevent SQL injection attacks but can also cause issues with some CMS' it could be getting caught because of the length of the post or even key words in the post that it doesn't allow.  There are a couple options:

1) Split the post up into smaller sections, If this does not help try the next option.
2) Test to see if it has to do with key words by submitting short portions of the post at a time if it catches one of them there is a key word causing the issue.
3) We can send a request to our network team to have your domain whitelisted on the SRX Firewall, this will allow all requests/posts to be made unfiltered but can leave your site open to attack if theer are vulnerabilities in your code.

Newtek Technology Services
Phone: (602) 263-0300 Opt. 4
URL: http://webservices.thesba.com - http://webservices.thesba.com/


I opted for 'white listing'.  I've seen other posts about issues on CrystalTech and the SRX firewall
Unfortunately, the folks at Crystal Tech only want to add certain IPs to the whitelist which is not a good solution as I have many content authors and many IPs

Tested and everything runs ok and page response is much faster too!