[ic] DDoS (Distributed Denial of Service) attack causing, interchange to fail almost fixed

Fri Aug 8 21:38:41 UTC 2025

The program is now blocking accesses that are not getting a checkbox 
back and the DDoS is flat out stopped. However, there is a problem with 
the processing in that I am not getting back the checkbox response so 
that legitimate responses fail as well. I am sure that something is not 
right with the implementation of the tag.

 From error.log in the catalog

186.65.95.35 7vPcMUCf:186.65.95.35 - [08/August/2025:16:27:31 -0500] 
huldacpz /cgi-bin/cart.cgi/buyazapper getting valid verification page
186.65.95.35 7vPcMUCf:186.65.95.35 - [08/August/2025:16:27:31 -0500] 
huldacpz /cgi-bin/cart.cgi/buyazapper Runtime error: no response  at 
/usr/local/interchange/lib/Vend/Session.pm line 308.

_______________________________________________________________________________

sub display_init_page   # called from new_session
     {
     my $mv_verified = "";
     my ($name1);

     ::display_page('valid');

     ::logError("getting valid verification page");    # 5 Aug 2025 DLE  
log that the valid.html page has been sent

     if ($mv_verified)
         {
         return;  # mv_nextpage
         }
          else
             {
                 die("no response ");  # logs "error: no response

                 # No session files generated

                 # no tmp files generated

                 # These files have been obliterating Inodes and causing 
disk full errors which locks up interchange

                 }
}

____________________________________________________________________________

sub new_session {
     my($seed) = @_;
     my($name);

          ::display_init_page('valid');  # if this fails to get a 
checkbox from the valid.html, then a new session is not generated

          open_session();