Is my site being attacked? - CodeIgniter Forums (https://forum.codeigniter.com), General Help
Is my site being attacked? - TuanTa - 07-10-2016

Hello all,

Today, I cannot access my site. I asked the host provider to check the server. They said, "It seems that your site is being attacked," and asked me to check the configuration of my site.

I'm using CodeIgniter 3.0. My site has been working since last year with no problem. However, today I checked on the host and a lot of files had been generated; I don't know why (please see the attached images).

It seems that my site is being attacked by someone. I don't have much experience with CodeIgniter. Is there any code that generated these files? How can I prevent this? (I'm using the DEFAULT CONFIGURATION of CodeIgniter 3.0.)

Could you help me please? BIG thanks for your help!

Regards,
Tuan

RE: Is my site being attacked? - Paradinight - 07-10-2016

It's called a session. You save the session in the folder; change the config.
http://www.codeigniter.com/user_guide/libraries/sessions.html#files-driver

RE: Is my site being attacked? - TuanTa - 07-10-2016

I'd like to say BIG THANKS, Paradinight. Let me try to check my config per your guide now!

RE: Is my site being attacked? - TuanTa - 07-12-2016

Hi guys,

I tried to follow the guide and searched Google, but my website still fails.
Following the guide about ci_session, I changed my config.php to:

    $config['sess_driver'] = 'files';
    $config['sess_cookie_name'] = 'ci_session';
    $config['sess_expiration'] = 7200;
    //$config['sess_save_path'] = NULL;         // default config of CI
    $config['sess_save_path'] = 'ci_sessions';  // changed to this
    $config['sess_match_ip'] = FALSE;
    $config['sess_time_to_update'] = 300;
    $config['sess_regenerate_destroy'] = FALSE;

If I change it like this, I can access my website (http://hotfashion.vn), but I cannot buy a product (go to a product detail -> click the "MUA NGAY" button).

When I click the MUA NGAY button, the product is added to the cart (CodeIgniter lib) successfully, but I can NOT redirect to the controller. (I used redirect('giohang/'); "giohang" is a controller, "add" is a method of "giohang".) I also tried redirecting to Google for testing [ $testDirection = "http://www.google.com"; header("Location:$testDirection"); ] and using the exact URL [ redirect('http://www.hotfashion.vn/index.php/giohang'); ] ==> it also can NOT redirect.

ONE MORE THING: THIS CONFIG WORKS ON LOCALHOST, BUT DOES NOT WORK ON THE LIVE SERVER.

In the past, "redirect('giohang');" worked well (with config [ $config['sess_save_path'] = NULL; ]). I don't use ci_session. However, now, if I use [ $config['sess_save_path'] = NULL; ] ==> I can NOT access my website ==> it's a blank page without any information.

2. One more thing: why, after I changed to [ $config['sess_save_path'] = 'ci_sessions'; ], were a lot of "ci_sessionxxxxxxx" files generated in the folder "wwww/ci_sessions"? I'm sure that these files were generated automatically or by an attack from a hacker (because my website had very few visitors before this accident).

What is wrong with my config (although this config worked well before, without ci_sessions)? How can I prevent these ci_sessionxxxx files from being generated automatically?
Please see my code at these links:
.htaccess https://drive.google.com/open?id=0B7yfHlb60b6KZVBnRjFhWE5Demc
Config.php https://drive.google.com/open?id=0B7yfHlb60b6KOE45SlpuUDAxazA
Giohang.php https://drive.google.com/open?id=0B7yfHlb60b6KS1g4NDVaVTNVZnc

Thanks a lot for your help!

RE: Is my site being attacked? - pdthinh - 07-12-2016

You can't send any content before the header is sent. In your giohang/add method you use echo(), print_r(), ... so they will prevent redirect() from working.

About $config['sess_save_path'] the manual said:
Code: 'sess_save_path'

RE: Is my site being attacked? - marksman - 07-12-2016

Looks like you have changed your session directory to your public_html

RE: Is my site being attacked? - TuanTa - 07-13-2016

(07-12-2016, 08:09 PM)pdthinh Wrote: You can't send any content before the header is sent. In your giohang/add method you use echo(), print_r(), ... so they will prevent redirect() from working.

Thanks pdthinh so much. I removed all "echo, print, print_r"; now redirect() works well.

However, I have a concern. In the past, I used the default config ($config['sess_save_path'] = NULL) --> my site worked well, but NOW when I use the same default config, it does NOT work (blank page). That is the reason I had to use "$config['sess_save_path'] = 'ci_sessions';" --> I had a problem with direction() (the cause is that "echo, print, print_r" were executed before redirect()).

Thanks so much again, pdthinh!

RE: Is my site being attacked? - TuanTa - 07-13-2016

(07-12-2016, 10:19 PM)marksman Wrote: Looks like you have changed your session directory to your public_html

Hi marksman,

Actually, I don't have much experience with CI. I read Paradinight's link above and researched on Google. They suggest I configure "$config['sess_save_path'] = 'ci_sessions';".

My website is very simple: it just shows product details and allows the user to buy ("MUA NGAY") a product, so I don't need to store users' sessions. But the site is a BLANK PAGE if I use the default config "$config['sess_save_path'] = NULL;".
I don't know the reason, although it worked well in the past.

NOW, when I set "$config['sess_save_path'] = 'ci_sessions';" ==> a "ci_sessions" folder was created in the public_html folder (public_html/ci_sessions). A lot of ci_sessionxxxxxxxxx files were generated in the "ci_sessions" folder. I don't know why the session is called so many times and generates so many files, as in the attachment link (my website does NOT have a lot of users).

ci_session_file link: https://drive.google.com/open?id=0B7yfHlb60b6KbUx3Sk45N29fT2s

HOW CAN I STOP GENERATING these files? Is there any default trigger that calls and automatically generates these ci_sessionxxxxx files?

THANKS A LOT!

RE: Is my site being attacked? - behrooz1x - 07-13-2016

Hi,

If you still need sessions, you can change your session config to a database type (use a database table, not files like that), and to stop the session driver entirely, you can remove the loading of the session driver in 'config/autoload.php' or in your controller (if you load the driver there).

RankeUP

RE: Is my site being attacked? - pdthinh - 07-13-2016

(07-13-2016, 01:02 AM)TuanTa Wrote: (07-12-2016, 10:19 PM)marksman Wrote: Looks like you have changed your session directory to your public_html

Session is needed for a shopping cart app, and it is needed for initializing the shopping cart class.
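
Added example, not written by any poster in this thread and not CodeIgniter's own code: the thread turns on where `sess_save_path` points, and CodeIgniter 3's config comments say only absolute paths are supported for the files driver. This PHP check flags a save path that is relative, missing, inside the web root, or open to other accounts; the helper name and the demo paths are hypothetical, and a Linux host is assumed.

```php
<?php
// Added example, not from the thread. check_session_save_path() is a
// hypothetical helper; assumes a Linux host.
function check_session_save_path($savePath, $webRoot)
{
    $problems = array();
    // A relative value such as 'ci_sessions' is what put the session
    // folder under public_html in the thread.
    if (!is_string($savePath) || $savePath === '' || $savePath[0] !== '/') {
        return array('not an absolute path');
    }
    $real = realpath($savePath);
    if ($real === FALSE || !is_dir($real)) {
        return array('directory does not exist');
    }
    if (!is_writable($real)) {
        $problems[] = 'not writable by the PHP user';
    }
    // Session files under the document root may be reachable over HTTP.
    $root = realpath($webRoot);
    if ($root !== FALSE && strpos($real . '/', rtrim($root, '/') . '/') === 0) {
        $problems[] = 'inside the web root';
    }
    // Owner-only access (0700) keeps other accounts on a shared host out.
    if ((fileperms($real) & 0077) !== 0) {
        $problems[] = 'accessible by group or others';
    }
    return $problems;
}

// Constructed demo layout in the system temp directory.
$base = sys_get_temp_dir() . '/ci_demo_' . uniqid();
$webRoot = $base . '/public_html';
mkdir($webRoot . '/ci_sessions', 0755, TRUE);  // layout seen in the thread
mkdir($base . '/sessions', 0700);              // outside the web root
chmod($webRoot . '/ci_sessions', 0755);        // make modes independent of umask
chmod($base . '/sessions', 0700);

$candidates = array('ci_sessions', $webRoot . '/ci_sessions', $base . '/sessions');
foreach ($candidates as $path) {
    $found = check_session_save_path($path, $webRoot);
    echo $path, ': ', $found ? implode('; ', $found) : 'ok', "\n";
}
// In application/config/config.php the passing directory would be set as:
// $config['sess_save_path'] = '/absolute/path/outside/public_html/sessions';
```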