Invision Community 4: SEO, prepare for v5 and dormant account notifications By Matt Monday at 02:04 PM
desti Posted January 4, 2020 Posted January 4, 2020 A very simple attack happened the other day, thousands of "GET /search/?q=1" (or 2...9) requests from different IP, mysql reply "too many connections". Do you want to return the minimum request length limit?
bfarber Posted January 6, 2020 Posted January 6, 2020 If you're using Elasticsearch, why did you end up with a MySQL "Too many connections" error exactly?
desti Posted January 6, 2020 Author Posted January 6, 2020 Yes, search result from elastic server, but all other data for page render from mysql.
bfarber Posted January 7, 2020 Posted January 7, 2020 It sounds like a general DOS/DDOS and your best bet would be to place a firewall in front of your site.
desti Posted January 7, 2020 Author Posted January 7, 2020 Come on, really? *.*.*.* - [02/Jan/2020:21:12:36 +0100] "GET /search/?q=1 HTTP/1.1", 20-30 rps, attacks from thousands different IP's, сan you tell me rule for iptables? I added a line and the attack stopped killing the server. if (!\IPS\Member::loggedIn()->member_id AND \strlen(\IPS\Request::i()->q) <= 2 ) die();
Recommended Posts
Archived
This topic is now archived and is closed to further replies.