From 0753f5a58e04455c01bb51ae3846ebd8c72062bb Mon Sep 17 00:00:00 2001
From: Travis Eden <daovist@gmail.com>
Date: Thu, 18 Oct 2018 15:24:00 -0400
Subject: [PATCH 1/2] filter by publisher_id rather than certificateId in
 getClaimIdAndServeAsset

---
 server/controllers/assets/utils/getClaimIdAndServeAsset.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/controllers/assets/utils/getClaimIdAndServeAsset.js b/server/controllers/assets/utils/getClaimIdAndServeAsset.js
index 4e4cbafe..37c2cfd4 100644
--- a/server/controllers/assets/utils/getClaimIdAndServeAsset.js
+++ b/server/controllers/assets/utils/getClaimIdAndServeAsset.js
@@ -37,7 +37,7 @@ const getClaimIdAndServeAsset = (channelName, channelClaimId, claimName, claimId
       return claim;
     })
     .then(claim => {
-      if (serveOnlyApproved && !isApprovedChannel({ longId: claim.dataValues.certificateId }, approvedChannels)) {
+      if (serveOnlyApproved && !isApprovedChannel({ longId: claim.dataValues.publisher_id }, approvedChannels)) {
         throw new Error(CONTENT_UNAVAILABLE);
       }
       logger.debug('Outpoint:', claim.dataValues.outpoint);

From 5c2a33250ed950148b525101ac667ee3836ab0b7 Mon Sep 17 00:00:00 2001
From: Shawn K <skhameneh@gmail.com>
Date: Fri, 19 Oct 2018 14:36:51 -0500
Subject: [PATCH 2/2] Fix IP ban and add logging (#642)

---
 server/routes/api/index.js | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/server/routes/api/index.js b/server/routes/api/index.js
index 572ceef7..f42cd0b9 100644
--- a/server/routes/api/index.js
+++ b/server/routes/api/index.js
@@ -21,15 +21,18 @@ const getTorList = require('../../controllers/api/tor');
 const getBlockedList = require('../../controllers/api/blocked');
 const getOEmbedData = require('../../controllers/api/oEmbed');
 
+const logger = require('winston');
+
 const forbiddenMessage = '<h1>Forbidden</h1>If you are seeing this by mistake, please contact us using <a href="https://chat.lbry.io/">https://chat.lbry.io/</a>';
 
 let ipCounts = {};
 let blockedAddresses = [];
 
 const autoblockPublishMiddleware = (req, res, next) => {
-  let ip = (req.headers['x-forwarded-for'] || req.connection.remoteAddress).split(/,\s?/);
+  let ip = (req.headers['x-forwarded-for'] || req.connection.remoteAddress).split(/,\s?/)[0];
 
   if(blockedAddresses.indexOf(ip) !== -1) {
+    logger.warn(`Banned IP publish attempt: ${ip}`);
     res.status(403).send(forbiddenMessage);
     res.end();
 
@@ -46,6 +49,7 @@ const autoblockPublishMiddleware = (req, res, next) => {
   }, 600000 /* 10 minute retainer */)
 
   if(count === 10) {
+    logger.error(`Banning IP: ${ip}`);
     blockedAddresses.push(ip);
     res.status(403).send(forbiddenMessage);
     res.end();