forum.coppermine-gallery.net

Topic started by: punjab on November 15, 2006, 02:44:43 pm

Title: SECURITY problem - kill requests
Post by: punjab on November 15, 2006, 02:44:43 pm
Today I got a DoS attack on my server.
27 requests per second to login.php in Coppermine gallery totally killed my Linux server. System load average got to 60.

I made an experiment.
I went with Firefox to the Coppermine login page and clicked the refresh button in Firefox at maximum frequency, and the server got to load 40 in 30 seconds.

This is not normal. I did this on some other PHP/MySQL pages and nothing happened. Server load stayed at low values.
CPG version is 1.4.9 or 1.4.10.

Can anybody with a Linux, Apache, MySQL server try this?

Title: Re: SECURITY problem - kill requests
Post by: Joachim Müller on November 15, 2006, 03:55:25 pm
DDoS attacks are not being performed by someone hammering the reload button of his browser while he's on your page - they are script-driven instead. Your experiment doesn't prove anything.
Coppermine has not been developed with protection against DDoS in mind - you should take precautions against DDoS by implementing server-sided counter-measures like mod_evasive (http://www.google.com/search?q=+mod_evasive), which basically lets you determine a threshold for requests from a single IP per time period. If an IP address requests more than it is allowed to, the requests are being dropped.
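
An added example, not part of either post above: a mod_evasive configuration for Apache 2.x that expresses the per-IP request threshold described in the reply. The directive names are mod_evasive's own; every value, the `mod_evasive20.c` module identifier, the lock directory and the whitelist entry are assumptions to adjust for the server in question.

```apache
# Example values only (assumptions, not taken from the thread); tune per site.
<IfModule mod_evasive20.c>
    # Size of the hash table that tracks recent hits per client and URI.
    # Each Apache child process keeps its own table.
    DOSHashTableSize    3097

    # Per-page threshold: requests for the SAME URI (for example login.php)
    # from one IP address within DOSPageInterval seconds.
    # The 27 requests per second reported in the first post would exceed
    # this threshold.
    DOSPageCount        5
    DOSPageInterval     1

    # Per-site threshold: total requests from one IP address to any URI
    # handled by the same child within DOSSiteInterval seconds.
    # A gallery page that loads many thumbnails produces many requests per
    # page view, so this is kept well above the per-page threshold to avoid
    # blocking ordinary visitors.
    DOSSiteCount        100
    DOSSiteInterval     1

    # An IP address over either threshold receives 403 Forbidden for this
    # many seconds. Requests made while blocked restart the timer.
    DOSBlockingPeriod   60

    # Directory for mod_evasive's lock files; must exist and be writable
    # by the user Apache runs as. The path here is an assumption.
    DOSLogDir           "/var/log/mod_evasive"

    # Addresses that are never blocked (local monitoring, health checks).
    DOSWhitelist        127.0.0.1
</IfModule>
```

Because counters are kept per child process, the effective limit seen by a client spread across several children is higher than the configured numbers, so test the thresholds against normal gallery browsing before relying on them.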