Canalplan Bug Tracker



Anonymous Login
2019-04-21 11:11 BST

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0000384Canalplan [All Projects] Internal Improvementspublic2018-01-17 18:41
ReporterNick Atty 
Assigned ToNick Atty 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusassignedResolutionopen 
PlatformGenericOSN/AOS VersionN/A
Product VersionProduct Build 
Target VersionFixed in Version 
Summary0000384: Protect against accidental/reckless/abusive use
DescriptionLast night we were hit by a sort of DDoS from lots of different IPs in a very short period of time all trying to get legitimate pages (but with spoofed referers) and we ended up first with lots of alarms for them, but also ultimately with the database locked.
Additional InformationPlan - log (use old semaphore code?) each "database is locked", "alarm" or "timeout". If more than a certain number are caught in a short time (5 in 30 seconds say) set "norun", wait a minute and then release.
TagsNo tags attached.
Attach Tags (Separate by ",")
Attached Files

-Relationships
+Relationships

-Upload File
Select File
Maximum size: 5,000 KB
+Upload File

-Notes

~0001494

user3

I saw it happening. Apache seemed to be handling it but the processes piled up...I was impressed by the number of emails the bug reporter was sending!

I downed Apache and did a killall -9 on the Canalplan processes and then restarted Apache and kept an eye on it and things seemed ok

~0001495

user3

We had 220 apache processes running and we weren't maxing the memory or the CPU ....
+Notes

-Add Note
Note
View Status
Upload File
Maximum size: 5,000 KB
+Add Note

-Issue History
Date Modified Username Field Change
2018-01-17 07:23 Nick Atty New Issue
2018-01-17 07:23 Nick Atty Status new => assigned
2018-01-17 07:23 Nick Atty Assigned To => Nick Atty
2018-01-17 11:44 user3 Note Added: 0001494
2018-01-17 18:41 user3 Note Added: 0001495
+Issue History