For questions and problems with the CMS core. This board is NOT for any 3rd party modules, addons, PHP scripts or anything NOT distributed with the CMS made simple package itself.
I have recieved a mail from my hosting company, that their server has been down, due to attacks on the site through HEAD-requests. The site runs 1.10.3 and modules are all running the latest version. The hosting company seems to think this is a weakness in CMSMS. It is presently fixed by them in the .htaccess file, by inserting these lines:
phpversion: 5.2.6-1+lenny16
md5_function: Fra (Sand)
gd_version: 2
tempnam_function: Fra (Sand)
magic_quotes_runtime: Til (Falsk)
E_STRICT: 0
memory_limit: 128M
max_execution_time: 30
output_buffering: Fra
safe_mode: Til (Falsk)
file_uploads: Fra (Sand)
post_max_size: 32M
upload_max_filesize: 32M
session_save_path: Kan ikke kontrolleres pga af at open_basedir er aktiv
session_use_cookies: Fra (Sand)
xml_function: Fra (Sand)
Server Information:
Server Api: apache2handler
Server Db Type: MySQL (mysql)
Server Db Version: 5.0.51a
a: HEAD requests are valid requests to web pages, frequently used to see if a page has changed. Some link-back mechanisms will issue head requests so that they can update their caches or content based on links to your sites.
b: CMSMS does not do anything special wrt HEAD requests. it's treated the same as a GET request or something.
I would suspect that it's something specific about THOSE head requests (the URLS that they are requesting). or the amount of them, or something special about your servers configuration. Or maybe a PHP bug. But don't think it's anything in CMSMS. For curiosity I did a couple of thousand HEAD requests to a couple of CMSMS websites and had no difficulties.
Typically if there is a bug in PHP that causes php to crash based on some bug then this only effects that one request or a group of requests,. and does not bring the server down (though load can be increased). If there are a tonne of requests that cause load to increase dramatically then THAT can bring the server down.
So conclusion:
What are the errors on the server?
Are you only getting occasional HEAD requests or tonnes of them?
Follow me on twitter
Please post system information from "Extensions >> System Information" (there is a bbcode option) on all posts asking for assistance.
-------------------- If you can't bother explaining your problem well, you shouldn't expect much in the way of assistance.
It is indeed the amount of requests that has brought the server down.
A closer look at the server logs show this pattern:
12 requests in 1-2 minutes for one page.
12 for another page on the same site in the same amount of time.
12 requests for a third page, ditto.
12 requests for a fouth page
and so on....
The pattern for the 12 requests for one page:
ip 72.233.2.39 - 1 request
ip 72.232.7.32 - 3 requests
ip 72.232.7.31 - 1 request
ip 72.232.7.29 - 6 requests
ip 72.233.2.39 - 1 request
So I guess it is an attack specifically aimed at this site.....?
One of the webhost supporters suggested to look for a module that could block that kind of multiple requests, but this is I guess not possible, when some of them are single requests, similar to a legit request, just grouped together.
So far HEAD requests is blocked via htaccess.
This will not work well with caching, I guess?
A few dozen requests inside of one minute is not a DDOS attack.
I am thinking your page is encountering some type of PHP bug. But there is no way (without alot of digging) to know for sure. Only solution to that is for your host to upgrade php...
Now, killing all HEAD requests will solve the problem temporarily. CMSMS doesn't use the E-Tag (if you've disabled them in the .htaccess) it tells the browser to cache until a certain date/time. Therefore I don't think that caching would be effected.
Follow me on twitter
Please post system information from "Extensions >> System Information" (there is a bbcode option) on all posts asking for assistance.
-------------------- If you can't bother explaining your problem well, you shouldn't expect much in the way of assistance.
