forum.coppermine-gallery.net

Support => cpg1.4.x Support => Older/other versions => cpg1.4 miscellaneous => Topic started by: x9sim9 on March 13, 2008, 11:48:58 pm

Title: Coppermine Mass Add Files vs DOS Attack Help Please!
Post by: x9sim9 on March 13, 2008, 11:48:58 pm

Hi, I use the Mass Add Files feature to upload content to the gallery, which is very useful.

Unfortunately my server frequently experiences DOS (denial of service) attacks from hackers, and as such I have had to install a module to provide protection

the mod_evasive apache module http://www.zdziarski.com/projects/mod_evasive/

Unfortunately this module mistakes the Mass Add Files feature of Coppermine for a DOS attack.

A DOS attack has the following behaviour:
Requesting the same page a considerable number of times per second
Making considerable concurrent requests on the same child per second

Unfortunately the way in which coppermine adds files to the gallery requires calling the same page once for every photo uploaded, so 100 photos would be a 100 (almost simultaneous) connections to the same page.

Is there a way in which I can upload a considerable number of photos to the gallery, whilst still protecting from DOS (Denial of Service) attacks?

Title: Re: Coppermine Mass Add Files vs DOS Attack Help Please!
Post by: SaWey on March 14, 2008, 12:11:46 am

Eather you can put yourself on the whitelist of the mod, or if you have a dynamic IP, you might want to try and execute the page from the server itself.

Probably better to ask the creator of this mod for support on this?

Title: Re: Coppermine Mass Add Files vs DOS Attack Help Please!
Post by: x9sim9 on March 14, 2008, 11:02:17 pm

Unforunately I am both on a dynamic IP and not in direct control of the server (hosting company). My concern is that the way in which coppermine updates photos in the gallery is the same behavior as a denial of service attack, so no matter what module is used to protect the server I am still going to receive this problem.

What I am looking for is some way of both protecting against this attack and uploading content to the server, is there another way to add files to the gallery that are put on the server by an FTP client for example.

Or a way in which i can limit the number of simultaneous connections that coppermine uses when using the Mass Add Files feature.

thanks for your feedback

Title: Re: Coppermine Mass Add Files vs DOS Attack Help Please!
Post by: Nibbler on March 14, 2008, 11:06:26 pm

It's not Coppermine that creates these connections, it's your web browser. Adjust the number of concurrent connections your browser uses per server (if your web browser allows you to control this).

Title: Re: Coppermine Mass Add Files vs DOS Attack Help Please!
Post by: x9sim9 on March 24, 2008, 03:25:58 am

Interesting Idea anyone know exactly how this works with the Mass Add Files function?

does it create a seperate connection for each photo
or
create a new request for each photo

I know its calling on the same page for each photo, would there be a way to limit how many calls to the same page from the browser?

and which browser would allow me to limit connections?

thanks for your help, guys