Is my site being attacked? |
(07-13-2016, 07:49 AM)InsiteFX Wrote: The CI Cart Class uses sessions for keeping track of all the items etc; Hello InsiteFX , At first I'd like to say thanks for your help! In my website: 1.What did you Try? What did you Get? In the past (from 2015->June 2016), I used default config [[$config['sess_save_path'] = NULL;], my site worked normally. User can browse site & buy products (from 2015 to June/2016). However, since last week (9th, July), I can NOT browse my website, It's a white page (Blank page) without any text, images... After that, I try to changed my config into 1.a : First I used this config: [$config['sess_save_path'] = 'ci_sessions'; $config['sess_driver'] = 'database';] & created a table "ci_sessions", I saw that a lot of sessions record were inserted in to database. It seems that They were written automatically as a robot ( about 2 records/ minute, I sure that mysite does NOT have a lot of users). 1.b: Second I changed to this config: [$config['sess_save_path'] = 'ci_sessions'; $config['sess_driver'] = 'files';]. With this config, I saw that there had a lot of files ci_sessionxxxxxxx were generated in public_html/ci_sessions folder. They were also generated automatically as a robots too. Now, I use config (1.b), today (14th July), I deleted total over 400 ci_sessionxxxx files (in folder public_html/ci_sessions). I'm sure that my site does NOT have too much user as that number. I have a function to count "Product detail view" every time user opens a product detail. I wrote this count into database, & I see that this number is being increased very fast (Today (14th July), in the morning (~7:00 AM, totals views is 2862, but now (23:43 PM) it is 3544 (total views)) I think there have an automatically trigger (maybe from inside CI or maybe from outsite website(hacker) ) try to call my site with a frequency. 2. What did you Expect? Mywebsite (www.hotfashion.vn) is in a normal site that shows list of products. User can view product detail & buy it. When they by a product (or many products), I store it in Cart. After that user goto a form to input some basic info (UserName, Phone Number, address). Then ending a shop tour ( We DO NOT have payment directly via Visa, Master card...). The shop will call to this user to confirm the order & delivery product to him/her. He/her will pay cash for Shipper. Currently, I DO NOT keep track users. (Maybe I'll add in the future) So, could you please help me what did happen that I can not use old config (from 2015->June2016) [[$config['sess_save_path'] = NULL;]? (Blank page if I use it) Now I'm using config (1.b) above (or change to (1.a)), Can I stop generating the ci_sessionxxxx files (And sure User can buy products)? If you need any more information about my code/web, please let me know! I'D LIKE TO SAY THANKS A LOT FOR YOUR HELP. |
Messages In This Thread |
Is my site being attacked? - by TuanTa - 07-10-2016, 04:58 AM
RE: Is my site being attacked? - by Paradinight - 07-10-2016, 07:41 AM
RE: Is my site being attacked? - by TuanTa - 07-10-2016, 10:26 AM
RE: Is my site being attacked? - by TuanTa - 07-12-2016, 06:25 PM
RE: Is my site being attacked? - by pdthinh - 07-12-2016, 08:09 PM
RE: Is my site being attacked? - by TuanTa - 07-13-2016, 12:45 AM
RE: Is my site being attacked? - by marksman - 07-12-2016, 10:19 PM
RE: Is my site being attacked? - by TuanTa - 07-13-2016, 01:02 AM
RE: Is my site being attacked? - by pdthinh - 07-13-2016, 02:26 AM
RE: Is my site being attacked? - by behrooz1x - 07-13-2016, 01:21 AM
RE: Is my site being attacked? - by InsiteFX - 07-13-2016, 07:49 AM
RE: Is my site being attacked? - by TuanTa - 07-14-2016, 10:02 AM
RE: Is my site being attacked? - by mwhitney - 07-15-2016, 11:54 AM
RE: Is my site being attacked? - by TuanTa - 07-16-2016, 09:49 AM
|