Pixelpost

Authentic Photoblog Flavour


Go Back   Pixelpost Forum > MISCELLANEOUS > Archives > Bug Report 1.4.x
Reload this Page Possible DoS attack in referers list

Post Reply
 
Thread Tools
  #1  
Old 07-15-2005, 06:37 PM
E150 Offline
forum loafer
  
Join Date: Jul 2005
Posts: 1
Possible DoS attack in referers list
Hi all,

I'm copying here a previous mail I sent to one of the maintainers of pixelpost site:

Quote:
I've read some posts about mysql queries that take long time (those getting the list of referers) and high visitor counts, so I've been investigating this issue a bit. Note that I'm not currently using the latest version of pixelpost.

The fact is that there are some undesirable bots that are sending a lot of traffic to the site, increasing the visitors and referers count, so when someone hits the referers link, mysql has to count all the hits for every one of these sites that are generating traffic to pixelpost (generally viagra sites and the like...).

These mysql queries are _VERY_ time consuming, so the result is the CPU being 100% during long periods of time, leaving the server almost unusable. I tried to block the IP's from these machines but then new IP's generate more traffic. I think this is a known bug by many people, since they're googling for strings like "referers last seven days". Maybe this is a known bug for you too, I only wanted to know if you are concerned about it and if it's fixed on the latest versions.
I think an easy solution to this would be to limit the referers list to say, the 10 or 20 first referers. Anyway, I've been told that this issue will be probably fixed in the new version of pixelpost.
Reply With Quote
  #2  
Old 07-15-2005, 07:20 PM
Joe[y]'s Avatar
Joe[y]+ Offline
Team Pixelpost
  
Join Date: Mar 2005
Location: UK
Posts: 3,101
Send a message via MSN to Joe[y]
yes. we're discussing the best solution right now.

i read your email and i agree. limiting referers is a good idea and a simple solution.
Reply With Quote
  #3  
Old 07-16-2005, 12:28 AM
riken Offline
pp veteran
  
Join Date: Apr 2005
Location: In VB Hell!
Posts: 87
Re: Possible DoS attack in referers list
Quote:
Originally Posted by E150
Note that I'm not currently using the latest version of pixelpost.
Up to version 1.3 there was a problem with load when looking up refereres in the database. In 1.4 indexes were added so that the load on the database would be lower.

So upgrading to 1.4.1 should fix your problem of high system load on the mysql server. And the next version has more stuff for handling spammers.
__________________
Riken
Photoblog: Distant Imagery
Reply With Quote
  #4  
Old 07-16-2005, 08:42 PM
Joe[y]'s Avatar
Joe[y]+ Offline
Team Pixelpost
  
Join Date: Mar 2005
Location: UK
Posts: 3,101
Send a message via MSN to Joe[y]
sorry. i misread that as you ARE using the most uptodate version.

any problems you encounter with older versions of pixelpost we cannot fully help with as it is much easier to work with our current version to save confusion.
Reply With Quote
Post Reply

« Previous Thread | Next Thread »

Thread Tools




All times are GMT. The time now is 07:32 PM.

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd. | Style Design: d3 designs