Help: Runaway processes killing server...

Marius Andreiana mandreiana at rdslink.ro
Thu Sep 2 05:43:12 UTC 2004


On Wed, 2004-09-01 at 17:57 +0300, Mauri Sahlberg wrote:
> Twice a comment-spammer has managed to bring our small server first to
> its knees and then to its belly? We are running postgresql, apache
> and serendipity. Today and yesterday this combination with very rapid
> repeated loading of serendipity comment-function (GET
> /comment.php?serendipity[entry_id]=9&serendipity[type]=comments
> HTTP/1.0" 200 3708 "http://12.163.72.13/" "Mozilla/4.0 (compatible;
> MSIE 6.0; Windows NT 5.2; .NET CLR 1.1.4322)"
> ) has managed to eat every scrap of memory there is? All I could do
> was to boot the server.
Improve your PHP scripts:

* Use the POST method for HTML forms, not GET

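* perform a check:
// Refuse the request unless the Referer header names this host.
$referrer = isset( $_SERVER[ "HTTP_REFERER" ] ) ? parse_url( $_SERVER[ "HTTP_REFERER" ] ) : false;
if ( !is_array( $referrer ) || !isset( $referrer[ "host" ] ) || $referrer[ "host" ] != $_SERVER[ "HTTP_HOST" ] ) {
	echo "Don't post from another server!";
	exit();
}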

* set register_globals=off

and so on

-- 
Marius Andreiana
Galuna - Solutii Linux in Romania
http://www.galuna.ro
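
The first two suggestions in the reply above, combined into one request gate. This is an added example, not part of the original message or of Serendipity's code; the function name `comment_request_refusal`, the host names and the sample requests are constructed. It goes slightly beyond the snippet in the message by handling a missing header and a port in the Host header.

```php
<?php
/**
 * Decide whether a comment submission should be processed.
 * $server is an array shaped like $_SERVER (hypothetical helper).
 * Returns null when the request passes, otherwise the reason it was refused.
 */
function comment_request_refusal(array $server): ?string
{
    // Suggestion 1: comments are submitted with POST, so refuse anything else.
    $method = isset($server['REQUEST_METHOD']) ? $server['REQUEST_METHOD'] : '';
    if (strtoupper($method) !== 'POST') {
        return 'method not POST';
    }

    // Suggestion 2: the Referer must name this host. Both headers are
    // supplied by the client, so this only filters simple bots.
    if (empty($server['HTTP_REFERER']) || empty($server['HTTP_HOST'])) {
        return 'missing Referer or Host';
    }
    $refHost = parse_url($server['HTTP_REFERER'], PHP_URL_HOST);
    if (!is_string($refHost)) {
        return 'unparseable Referer';
    }
    // HTTP_HOST may carry ":port"; the host returned by parse_url never does.
    $ownHost = preg_replace('/:\d+$/', '', $server['HTTP_HOST']);
    if (strcasecmp($refHost, $ownHost) !== 0) {
        return 'Referer host differs';
    }
    return null;
}

// Constructed sample requests: wrong method, foreign Referer, valid post.
$samples = [
    ['REQUEST_METHOD' => 'GET',  'HTTP_HOST' => 'blog.example',
     'HTTP_REFERER' => 'http://other.example/'],
    ['REQUEST_METHOD' => 'POST', 'HTTP_HOST' => 'blog.example',
     'HTTP_REFERER' => 'http://other.example/'],
    ['REQUEST_METHOD' => 'POST', 'HTTP_HOST' => 'blog.example:8080',
     'HTTP_REFERER' => 'http://Blog.Example:8080/entry.php'],
];
foreach ($samples as $s) {
    $why = comment_request_refusal($s);
    $verdict = ($why === null) ? 'accepted' : "refused ($why)";
    echo $s['REQUEST_METHOD'], ' ', $s['HTTP_REFERER'], ' => ', $verdict, "\n";
}
```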




