 We have been watching some unusual traffic against this file on my Dolphin Install. Though we have not been compromised I just set a firewall rule to beat it back a bit.
Any one else see this in their logs?
Just checked it again and It dropped. But 20,000 hits in an hour? Bloody near took my server down My whole site doesn't see that kind of traffic in a month :)
Any known exploits against this part of Ray?
|
Parts of Ray, such as chat & shoutbox, call XML.php every few seconds to refresh the display. That can easily add up to 20,000 requests for that file if you have people using chat. They don't even have to be actively using chat. All they have to do is have the chat page loaded in the browser. . What I am not sure of, is if the chat goes into some sort of timeout in the users browser, after a period of inactivity, to stop needlessly refreshing the chat display. Chat is a pretty server intensive thing, and can use a hefty chunk of bandwidth. I don't think there's anything in XML.php that can be exploited. My opinions expressed on this site, in no way represent those of Boonex or Boonex employees. |
Ah so. With a little investigation you are certainly right on. We do have a few hosts that try to beat us up (the usual suspects) so I get paranoid.
Were good.
Thanks for the reply |
