Skip to content

Suspicious Request Notifications ​

Suspicious Request Notifications are alert messages that ACEweb sends out when an internal production link (e.g. xreg.awp, xprep.awp) on your site is activated from an outside website. The point of this is to alert you that someone may be trying to access ACEweb from an unauthorized location, signifying a possible attempt to hack into your site by creating unauthorized Enrollment Cart entries.

However, you may also receive the notification in certain cases that are not hacking attempts. For example, if a user clicked the Proceed to Checkout button to enroll in a course but couldn't complete the registration at that time, so they bookmarked the page to go back to it later. Because that bookmark calls the xreg.awp (one of the internal production links), when the user clicks the bookmark, ACEweb will generate the Suspicious Request Notice.

Another example is search bots (e.g. Google, Bing, etc.) not using the correct web domain, e.g. adding www to your domain (ACEweb compares the URL tried to the ACEwebURL INI setting.)

If you only receive one or two of these messages--AND--you don't notice any 'odd' registrations in the specified course (course number in theRequested URL), you can generally ignore the messages.

You can also determine who receives the Suspicious Request notices with the WarningEmail INI setting.

Note: if you are sending out links to your courses in emails, you will want to make certain your links do not include references to the XReg or XPrep routines.