Knowledgebase

Multiple sessions per client

Posted by difz, 03-31-2011, 06:49 AM
I have a website installed on my VPS. The website has a who's online feature based on sessions. But lately, my VPS has been suffering high cpu load and the traffic has also spiked from 30-50 online users at the same time to more than 2700 online users. So I checked the who's online table in the database, and I found out that each IP has multiple sessions stored in the database ranging from 2 sessions to something like 22 sessions per client. But some IPs only have 1 session though... Ultimately, I've banned some of those IPs with multiple sessions I know nothing is wrong with the website because I haven't changed anything from the script. So it must be the server... Is this some kind of DDOS? Or is this caused by some misconfiguration? Any idea?
Posted by ClaudiuPopescu, 03-31-2011, 07:34 AM
This looks like a DDoS attack. Install an automated firewall. As for your web server, what are you using? Apache?
Posted by difz, 03-31-2011, 07:36 AM
Yes, I'm using Apache. And my firewall is already enabled through CSF. Any other solutions?
Posted by jackpx, 03-31-2011, 07:40 AM
Ddos Deflate ?
Posted by ClaudiuPopescu, 03-31-2011, 07:47 AM
1. Install Nginx, http://nginxcp.com/ if you are using cPanel, if not do it manually 2. Edit: /etc/csf/csf.conf and find the option PORTFLOOD = "", edit it to look like this: PORTFLOOD = "80;tcp;20;5" (it's a bit drastic but it should do the trick) Btw, check the CSF output btw.. If the above options are not ok for you, then you can try LiteSpeed, try the free 15 Days trial license, it's great against DDoS attacks (it's not free tho, nginx is free on the other hand, but harder to configure for beginners)
Posted by difz, 03-31-2011, 08:07 AM
jackpx Thanks for the suggestion, I'll keep this in mind for later @Claudiupopescu I have DirectAdmin instead of Cpanel so I suppose I could install Nginx manually, but I have to rewrite a few .htaccess files though... Do I still need to edit csf.conf if I install Nginx? Cause it seems my iptables isn't working correctly. The ipt_recent modules is missing I think... this is the output of CSF test Testing ip_tables/iptable_filter...OK Testing ipt_LOG...OK Testing ipt_multiport/xt_multiport...OK Testing ipt_REJECT...OK Testing ipt_state/xt_state...OK Testing ipt_limit/xt_limit...OK Testing ipt_recent...FAILED [Error: iptables: Unknown error 18446744073709551615] - Required for PORTFLOOD and PORTKNOCKING features Testing ipt_owner/xt_owner...OK Testing iptable_nat/ipt_REDIRECT...OK RESULT: csf will function on this server but some features will not work due to some missing iptables modules [1]
Posted by ClaudiuPopescu, 03-31-2011, 08:09 AM
Contact your VPS provider and ask them to load this module for you. As for Nginx, if you configure it to work with Apache, as a reverse proxy, you do not need to rewrite .htaccess
Posted by difz, 03-31-2011, 08:18 AM
Okay thanks. I'll contact them and see if they can do that for me.


Was this answer helpful?

Add to Favourites Add to Favourites

Print this Article Print this Article
Also Read
cPanel + Perl 5.10? (Views: 624)
Los Angeles Down - Which DCs are Affected (Views: 626)
icanahost.com (Views: 622)
Ubiquity servers datacenter being attacked (again)? (Views: 601)
PHP watermarking - need little help. (Views: 589)


Language:

Client Menu

 

Client Login

Email

Password

Remember Me

Search



  
 

Clients

Hosting

VPS Hosting

About Us

Contact Us

Copyright © 2015 DC International LLC in partnership with Bragin IT Solutions Inc. - All Rights Reserved.