Geeklog Forums
Pollbooth hole
Status: offline
jnordquist
Forum User
Full Member
Registered: 03/14/03
Posts: 129
Location:Kenosha
We had a bozo creating a robot that apparently hits our pollbooth and floods it with entries I assume by deleting the cookie. My hosting service (opensourcehost.com) had to disable pollbooth.php on my site.
pasted below from my host.
----
Hey,
Over the last few days the server you are on has had some issues with Apache spiralling out of control and crashing the server. After watching the server and trying to catch it in the act we finally did. It is your pollbooth.php that is crashing the server. Simply by visiting the comments the server would go crazy and then the load would go sky high, eventually coming back down.
I disabled pollbooth.php by chmod 000 (changed the permissions so it couldn't execute). Let me know what I can do for you. Thanks.
-----------
After further reading I see you had a problem with some guy injecting votes into the poll. When I caught the server going crazy the exact thing the log said was "www.kenoshaonline.net POST /pollbooth.php HTTP/1.1" about 100+ times in a row. The POSTs were making Apache go crazy. Let me know what I can do to help you. Thanks.
-------------END PASTE----------
Has anyone run into this?
John Nordquist,
Applications Specialist, medical Technologies
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Hmm, Geeklog should really catch things like that, but it seems it doesn't. You could try adding
Text Formatted Code
// Count votes already recorded for this poll from this IP address.
$pcount = DB_count ($_TABLES['pollvoters'], array ('ipaddress', 'qid'), array ($REMOTE_ADDR, $qid));
if ($pcount > 0) {
    // This address has already voted in this poll: stop without saving.
    exit;
}
at the beginning of function pollsave in pollbooth.php (between the "global ..." and the "DB_change(...").
It won't help much with the server load, but would at least prevent manipulation of the poll, so hopefully the guy will stop then.
bye, Dirk
Status: offline
jnordquist
Forum User
Full Member
Registered: 03/14/03
Posts: 129
Location:Kenosha
And the question remains, how do you get rid of bozos like that? I tried the ban plugin and actually went so far as to ban the entire array of class C's from his provider, but when I saw the logs a few minutes ago, he was on again twice, so I guess the ban plugin isn't always effective.
I'll try that addition to pollbooth.php and if I can convince my host to let me try polls again, I'll report how it works.
Thanks much
John Nordquist,
Applications Specialist, medical Technologies
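The pattern the host describes (100+ POSTs to /pollbooth.php in a row) and the question of whether bans by class C range are holding can both be checked from the access log. The script below is an added example, not part of this thread or of Geeklog: it assumes Apache "combined" log lines with numeric client addresses, and the function names, the 20-per-60-seconds threshold and the sample log are all constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone
from ipaddress import ip_network

# Apache "combined" format: client, two ids, [time], "METHOD path proto", ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*"')

def parse(line):
    """Return (client_ip, time, method, path without query) or None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, ts, method, path = m.groups()
    when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
    return ip, when, method, path.split("?")[0]

def find_floods(lines, path="/pollbooth.php", limit=20,
                window=timedelta(seconds=60), by_subnet=False):
    """Peak POST count per client (IP or /24) in any window, if above limit."""
    recent, peak = defaultdict(deque), defaultdict(int)
    for line in lines:
        rec = parse(line)
        if rec is None or rec[2] != "POST" or rec[3] != path:
            continue
        ip, when = rec[0], rec[1]
        # Assumes the log holds numeric addresses (HostnameLookups off).
        key = str(ip_network(f"{ip}/24", strict=False)) if by_subnet else ip
        q = recent[key]
        q.append(when)
        while when - q[0] > window:   # drop hits older than the window
            q.popleft()
        peak[key] = max(peak[key], len(q))
    return {k: v for k, v in peak.items() if v > limit}

def sample_log():
    """Constructed data: a flooding address, a busy /24, an ordinary visitor."""
    base = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
    def row(ip, sec, req):
        ts = (base + timedelta(seconds=sec)).strftime("%d/%b/%Y:%H:%M:%S %z")
        return f'{ip} - - [{ts}] "{req} HTTP/1.1" 200 512 "-" "-"'
    rows = [row("203.0.113.7", i // 2, "POST /pollbooth.php") for i in range(100)]
    rows += [row(f"198.51.100.{i + 1}", i, "POST /pollbooth.php") for i in range(30)]
    rows += [row("192.0.2.10", 5, "GET /pollbooth.php?qid=1"),
             row("192.0.2.10", 9, "POST /pollbooth.php")]
    return rows

if __name__ == "__main__":
    print(find_floods(sample_log()))
    print(find_floods(sample_log(), by_subnet=True))
```

Grouping by /24 reports ranges whose combined vote rate is abnormal even when no single address exceeds the limit, which a per-address check such as the one suggested above does not see.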