Is my site being attacked?

#11
The CI Cart Class uses sessions for keeping track of all the items etc.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )

#12
(07-13-2016, 07:49 AM)InsiteFX Wrote: The CI Cart Class uses sessions for keeping track of all the items etc.

Hello InsiteFX,
At first I'd like to say thanks for your help!

In my website:

1. What did you Try? What did you Get?
In the past (from 2015 to June 2016), I used the default config [$config['sess_save_path'] = NULL;], and my site worked normally. Users could browse the site & buy products (from 2015 to June 2016).
However, since last week (9th July), I can NOT browse my website. It's a white page (blank page) without any text, images...

After that, I tried to change my config to:
         1.a: First I used this config: [$config['sess_save_path'] = 'ci_sessions';  $config['sess_driver'] = 'database';] & created a table "ci_sessions". I saw that a lot of session records were inserted into the database. It seems that they were written automatically, as by a robot (about 2 records/minute; I'm sure that my site does NOT have a lot of users).

    1.b: Second I changed to this config:   [$config['sess_save_path'] = 'ci_sessions';  $config['sess_driver'] = 'files';]. With this config, I saw that a lot of files ci_sessionxxxxxxx were generated in the public_html/ci_sessions folder. They were also generated automatically, as by robots.

Now I use config (1.b). Today (14th July), I deleted over 400 ci_sessionxxxx files in total (in folder public_html/ci_sessions). I'm sure that my site does NOT have as many users as that number.

I have a function to count "Product detail views" every time a user opens a product detail. I write this count into the database, & I see that this number is increasing very fast (today (14th July), in the morning (~7:00 AM) the total views was 2862, but now (23:43) it is 3544 total views).

I think there is an automatic trigger (maybe from inside CI or maybe from outside the website (a hacker)) trying to call my site with some frequency.

2. What did you Expect?
  My website (www.hotfashion.vn) is a normal site that shows a list of products. Users can view a product detail & buy it. When they buy a product (or many products), I store it in the Cart.
  After that the user goes to a form to input some basic info (UserName, Phone Number, address). Then the shop tour ends (we DO NOT have payment directly via Visa, Master card...).
  The shop will call this user to confirm the order & deliver the product to him/her. He/she will pay cash to the shipper.
   Currently, I DO NOT keep track of users. (Maybe I'll add it in the future.)

  So, could you please help me understand what happened so that I can not use the old config (from 2015 to June 2016) [$config['sess_save_path'] = NULL;]? (Blank page if I use it.)
      Now I'm using config (1.b) above (or could change to (1.a)). Can I stop generating the ci_sessionxxxx files (and be sure users can still buy products)?

  If you need any more information about my code/web, please let me know!

I'D LIKE TO SAY THANKS A LOT FOR YOUR HELP.

#13
Quote:However, since last week (9th, July), I can NOT browse my website, It's a white page (Blank page) without any text, images...

When in production environments, most sites are configured to suppress PHP error messages, which usually results in a blank page when an error occurs before the page can be rendered. I've also seen instances in which developers don't notice an error on their site because most of the page is rendered, but an error near the footer prevents the bottom of the page from being output correctly.

Check your logs to see if you caught any PHP errors while the page was blank, but it sounds like you may have found the source of the error in the session configuration.

As for the rate of the generation of session files, it could be related to some of the other session settings, or there could be a problem with your code. If you regenerate your sessions too rapidly without destroying the old sessions and/or you expire your sessions quickly but your server doesn't delete them, you could potentially generate a lot of files.

It's also worth noting that some servers are configured to delete sessions only from a specific location using a different mechanism to delete the sessions, so the php.ini settings which determine when the files are removed may be configured to never remove them. Although this is an old article, I've found that it's still valid on recent versions of Ubuntu, and probably other versions of Linux as well: http://www.laurencegellert.com/2012/08/p...tu-server/
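The two hypotheses in the reply above (sessions regenerated faster than old ones are destroyed, and expired files that the server's garbage collection never deletes) can both be checked against the session directory itself. The script below is an added example, not code from this thread or from CodeIgniter. It assumes the CI3 'files' session driver with its default ci_session file prefix and the default 7200-second $config['sess_expiration']; the file names and timestamps embedded in it are constructed, and the per-minute threshold is an assumption for a small shop.

```python
"""Two checks on a CodeIgniter 3 'files' session directory: how many new
session files appear per minute, and how many expired files are still on
disk (meaning session garbage collection never ran).
Added example; not code from the thread or from CodeIgniter.
The sample file names and timestamps below are constructed."""
import os
import sys
import time
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List

SESS_PREFIX = "ci_session"   # default file prefix of the CI3 'files' session driver
SESS_EXPIRATION = 7200       # seconds; CI3 default for $config['sess_expiration']


@dataclass
class SessionFile:
    name: str
    mtime: float  # last modification time, seconds since the epoch


def scan_session_dir(path: str, prefix: str = SESS_PREFIX) -> List[SessionFile]:
    """Read a real session directory (e.g. public_html/ci_sessions) into records."""
    return [SessionFile(e.name, e.stat().st_mtime)
            for e in os.scandir(path)
            if e.is_file() and e.name.startswith(prefix)]


def files_per_minute(files: List[SessionFile]) -> Dict[int, int]:
    """Bucket files by the minute of their mtime: {minute_start_epoch: count}."""
    return dict(Counter(int(f.mtime // 60) * 60 for f in files))


def suspicious_minutes(files: List[SessionFile], threshold: int = 2) -> List[int]:
    """Minute buckets in which more than `threshold` session files were written.
    Assumed threshold: a small shop rarely sees more than two new sessions a minute."""
    return sorted(m for m, c in files_per_minute(files).items() if c > threshold)


def stale_files(files: List[SessionFile], now: float,
                expiration: int = SESS_EXPIRATION) -> List[str]:
    """Files older than sess_expiration that session GC should already have removed."""
    return sorted(f.name for f in files if now - f.mtime > expiration)


def report(files: List[SessionFile], now: float,
           threshold: int = 2, expiration: int = SESS_EXPIRATION) -> dict:
    """Summary a site owner can compare against the number of real visitors."""
    return {
        "total": len(files),
        "bursty_minutes": suspicious_minutes(files, threshold),
        "stale": stale_files(files, now, expiration),
    }


# ---- constructed sample: 2016-07-14 00:00:00 UTC as the base time ----------
BASE = 1468454400
NOW = BASE + 600  # ten minutes after the last burst


def _f(tag: str, offset: int) -> SessionFile:
    # invented names; real files are ci_session followed by a random session id
    return SessionFile(f"ci_session{tag}", BASE + offset)


SAMPLE = [
    # burst: five files inside one minute, the pattern a crawler leaves behind
    _f("b01", 0), _f("b02", 10), _f("b03", 20), _f("b04", 30), _f("b05", 40),
    # a single, human-paced session
    _f("h01", 90),
    # second burst: four files inside one minute
    _f("b06", 120), _f("b07", 135), _f("b08", 150), _f("b09", 165),
    # expired files (older than sess_expiration) that GC never removed
    _f("old1", -10800), _f("old2", -14400), _f("old3", -7000),
]


if __name__ == "__main__":
    # usage: python check_sessions.py [/path/to/ci_sessions]
    if len(sys.argv) > 1:
        print(report(scan_session_dir(sys.argv[1]), time.time()))
    else:
        print(report(SAMPLE, NOW))
```

A high per-minute rate on its own does not say whether the files come from crawlers or from the application regenerating session IDs without destroying the old ones; cross-check the bursty minutes against the web server access log for that window. A non-empty stale list means expiry is configured but nothing is collecting the files, which is the php.ini/cron situation the linked article describes.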

#14
(07-15-2016, 11:54 AM)mwhitney Wrote:
Quote:However, since last week (9th, July), I can NOT browse my website, It's a white page (Blank page) without any text, images...

When in production environments, most sites are configured to suppress PHP error messages, which usually results in a blank page when an error occurs before the page can be rendered. I've also seen instances in which developers don't notice an error on their site because most of the page is rendered, but an error near the footer prevents the bottom of the page from being output correctly.

Check your logs to see if you caught any PHP errors while the page was blank, but it sounds like you may have found the source of the error in the session configuration.

As for the rate of the generation of session files, it could be related to some of the other session settings, or there could be a problem with your code. If you regenerate your sessions too rapidly without destroying the old sessions and/or you expire your sessions quickly but your server doesn't delete them, you could potentially generate a lot of files.

It's also worth noting that some servers are configured to delete sessions only from a specific location using a different mechanism to delete the sessions, so the php.ini settings which determine when the files are removed may be configured to never remove them. Although this is an old article, I've found that it's still valid on recent versions of Ubuntu, and probably other versions of Linux as well: http://www.laurencegellert.com/2012/08/p...tu-server/

Thanks mwhitney,
      Let me re-check my source code for any errors, & maybe I need to check the server with the Hosting Provider, because on my localhost there aren't these problems.

Thanks for your help, mwhitney!