Re: Help: Runaway processes killing server...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2004-09-01 at 17:57 +0300, Mauri Sahlberg wrote:
> Twice comment-spammer has managed to bring our small server first to
> it's knees and then to it's belly? We are running postgresql, apache
> and serendipity. Today and yesterday this combination with very rapid
> repeated loading of serendipity comment-function (GET
> /comment.php?serendipity[entry_id]=9&serendipity[type]=comments
> HTTP/1.0" 200 3708 "http://12.163.72.13/"; "Mozilla/4.0 (compatible;
> MSIE 6.0; Windows NT 5.2; .NET CLR 1.1.4322)"
> ) has managed to eat every scrap of memory there is? All I could do
> was to boot the server.
Improve your PHP scripts:

* Use POST method for html forms, not GET

* perform a check:
$referrer = parse_url( $_SERVER[ "HTTP_REFERER" ] );
if ( $referrer[ "host" ] != $_SERVER["HTTP_HOST"] ) {
	echo "Don't post from another server!";
	exit();
}

* set register_globals=off

and so on

-- 
Marius Andreiana
Galuna - Solutii Linux in Romania
http://www.galuna.ro



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux