1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.2 Forum crashes simply by holding down F5

Discussion in 'Troubleshooting and Problems' started by Nnirvi, Mar 5, 2014.

  1. Nnirvi

    Nnirvi Member

    Hi!

    I can crash my forums by holding down F5. I've disabled all add-ons, enabled APC and reduced PHP memory limit down to 8M. I'm on a managed server so I can't install any Apache mods, what should I do?
     
  2. Liam W

    Liam W Well-Known Member

    What do you mean by crashes?

    Liam
     
  3. MattW

    MattW Well-Known Member

    You are basically DDOS inc your own site by doing that
     
  4. Nnirvi

    Nnirvi Member

    Crashing = Slowing down to near unusable. I know I'm DoSing my server but is there any built-in mechanism that could prevent this or am I doing something wrong? Also, I can only do this by refreshing pages that have lot of messages.
     
  5. Liam W

    Liam W Well-Known Member

    Get a better server? Reducing the memory limit will just make it worse, as PHP won't have as much memory to complete tasks.

    Liam
     
  6. EQnoble

    EQnoble Well-Known Member

    Hi there. If your server is managed tell the person who manages it to setup mod_evasive or mod_cband or whatever alternative they prefer to limit requests per ip per second or whatever and they should take it from there.
     
  7. Nnirvi

    Nnirvi Member

    Sadly, this is not an option as they won't install any additional mods.
     
  8. EQnoble

    EQnoble Well-Known Member

    Unfortunately there is not much you can other than find a different host within the same budget who can keep your site up and stop that sort of thing. However...if you already have your ip address or range set in a white-listed type of configuration and send a ridiculous amount of requests from that ip address you could still take down your own server if it is smaller server.

    All in all if it is a problem and it can't be solved there it would be best to seek a solution somewhere else.
     
  9. Nnirvi

    Nnirvi Member

    One of the members of forum suggested a session based solution. With this code inside $session->start(); I should be able to limit too many attempts. I probably should write a lugin for this, right? What events should I listen?

    Code:
    private $url = 'foobar';
    private $urlCount = 0;
    
    function checkUrlCount() {
            if ($this->url == $_SERVER['REQUEST_URI']) {
                $Now = C_Timestamp::now();
                if ($this->UrlTime->addSeconds(2)->isLessThan($Now)) {
                    $this->urlCount = 0;
                    $this->UrlTime = $Now;
                }
                $this->urlCount++;
            } else {
                $this->UrlTime = C_Timestamp::now();
                $this->url = $_SERVER['REQUEST_URI'];
                $this->urlCount = 1;
            }
    
            if ($this->urlCount > 4) {
                $this->UrlTime = C_Timestamp::now();
                echo $this->urlCount . ' refreshes in last 2 sconds. ';
                echo 'Too many refreshes. ';
                echo '<p>Wait for a few seconds and click here: <a href="' . $this->url . '">' . $this->url . '</p>';
                exit;
            }
        }
     

Share This Page