[ic] DDoS (Distributed Denial of Service) attack causing interchange to fail
Stefan Hornburg (Racke)
racke at linuxia.de
Thu Aug 7 10:59:29 UTC 2025
On 05/08/2025 00:00, davideth--- via interchange-users wrote:
> Firewall has been optimized including 3 way verification of IP ( which eliminates a lot ) but the attacker has a way around that. They are using 1 time IP spoofing with a massive number of different IPs ( 25000 in a day ). and trying to access random pages in my cart.
>
>
> What is needed is when the request appears, the cart needs to reply with a verification page with a checkbox that must be checked and returned before any further processing is done. I know that this is just scratch but if this can be done, it will help a lot of users and make interchange more robust.
>
>
> if {!mv_verified(session_ID)
>
> send ack_form(session_ID);
>
> while {!acked(session_ID)
>
> if timer(session_ID) exit(session_timeout);
>
> }
>
>
> #ack_rcvd:
>
> Set mv_verified(session_ID);
>
> }
>
>
> This would save a lot of processing time and free interchange for legitimate accesses.
>
>
> ack_form
>
>
>
Contact your provider about DDos attack and switch to another provider if needed.
Regards
Racke
> _______________________________________________
> interchange-users mailing list
> interchange-users at interchangecommerce.org
> https://www.interchangecommerce.org/mailman/listinfo/interchange-users
--
Automation expert - Ansible and friends
Linux administrator & Debian maintainer
Perl Dancer & conference hopper
More information about the interchange-users
mailing list