[ic] DDoS (Distributed Denial of Service) attack causing, interchange to fail almost fixed

DB db at m-and-d.com
Fri Aug 8 21:58:20 UTC 2025 

I have tried that geo-ip stuff as well, and until recently it has worked.

Within the last 6 weeks we have seen AI-based bots spamming us from IPs 
that geo-locate from every country on earth. Nothing but a "confirm 
you're human" feature has worked for me since then. Cloudflare's free 
tier offers amazing features.

I've been around awhile but I'm no guru. Both Jon and Racke are absolute 
IC legends and have provided free advice to OP.

DB


On 8/8/25 5:38 PM, davideth--- via interchange-users wrote:
> The program is now blocking accesses that are not getting a checkbox 
> back and the DDoS is flat out stopped. However, there is a problem with 
> the processing in that I am not getting back the checkbox response so 
> that legitimate responses fail as well. I am sure that something is not 
> right with the implementation of the tag.
> 
>  From error.log in the catalog
> 
> 186.65.95.35 7vPcMUCf:186.65.95.35 - [08/August/2025:16:27:31 -0500] 
> huldacpz /cgi-bin/cart.cgi/buyazapper getting valid verification page
> 186.65.95.35 7vPcMUCf:186.65.95.35 - [08/August/2025:16:27:31 -0500] 
> huldacpz /cgi-bin/cart.cgi/buyazapper Runtime error: no response  at / 
> usr/local/interchange/lib/Vend/Session.pm line 308.
> 
> _______________________________________________________________________________
> 
> sub display_init_page   # called from new_session
>      {
>      my $mv_verified = "";
>      my ($name1);
> 
>      ::display_page('valid');
> 
>      ::logError("getting valid verification page");    # 5 Aug 2025 DLE 
> log that the valid.html page has been sent
> 
>      if ($mv_verified)
>          {
>          return;  # mv_nextpage
>          }
>           else
>              {
>                  die("no response ");  # logs "error: no response
> 
>                  # No session files generated
> 
>                  # no tmp files generated
> 
>                  # These files have been obliterating Inodes and causing 
> disk full errors which locks up interchange
> 
>                  }
> }
> 
> ____________________________________________________________________________
> 
> sub new_session {
>      my($seed) = @_;
>      my($name);
> 
> 
>           ::display_init_page('valid');  # if this fails to get a 
> checkbox from the valid.html, then a new session is not generated
> 
>           open_session();
> _______________________________________________
> interchange-users mailing list
> interchange-users at interchangecommerce.org
> https://www.interchangecommerce.org/mailman/listinfo/interchange-users

More information about the interchange-users mailing list