1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Not a Bug Session flood issue

Discussion in 'Resolved Bug Reports' started by EgyKit, Nov 29, 2012.

  1. EgyKit

    EgyKit Member


    Today I had very high cpu and memory load reaching 100% by an attacker, after some viewing the database during the high load I noticed that the session table is filled up with thousands of session entries from the same IP with the same data except the sessionStart in the session_data field

    I've disabled all add-ons and the issue still exist, I was able to stop him just by banning his IP from the cpanel!

    I think this is a bug in the xenforo and how to disable insertion of multiple sessions for the same IP?
  2. digitalpoint

    digitalpoint Well-Known Member

    You can't... If you did that then two people on the same network behind a NAT couldn't use the site... Or some ISPs even use NATs for all their users (especially in Asia).
    Jake Bunce and EgyKit like this.
  3. EgyKit

    EgyKit Member

    Thank you, the problem has been solved by setting up a firewall :)
    Jake Bunce likes this.
  4. digitalpoint

    digitalpoint Well-Known Member

    Yep... that's the best thing to do... just blocking the IP. The farther upstream you can block the IP the better. At the application level is okay, server level is better, somewhere before they even get to your servers would be even better.
    Jake Bunce and EgyKit like this.
  5. EgyKit

    EgyKit Member

    Yes a hardware firewall is the best option :) thank you for your update.

Share This Page