[ic] continuing problems with routine to stop DDos attack

Tue Aug 12 19:27:51 UTC 2025

The problem is that interchange is now generating excess resource usage 
which locks up interchange.

In session.pm

sub new_session {
     my($seed) = @_;
     my($name);
     my $Val;

     ::logError("getting valid session id=$Vend::SessionID 
name=$Vend::SessionName   !!!");    # 11 Aug 2025 DLE
# clear valid page and continue
     if (::display_init_page('valid') eq 0 )
     {
     ::logError("valid session id=$Vend::SessionID failed");
     close_session();
     return;
     }

# continue normal session generation

     ::logError("rcvd valid session id=$Vend::SessionID  !!!"); # 12 Aug 
2025 DLE

     open_session();

# ...

}

sub display_init_page
     {
#    my ($field,$value,$opt) = @_;
     my $mv_verified = "";
     my ($name1);
     my $start_time = time();
     my $timeout = 60; # 120 seconds
     my $timeout2 = 5; # 120 seconds
     my $i = 0;
     my $ref;

     ::display_page('valid');   # this send the checkbox to remote IP

     while (time() - $start_time < $timeout)    # wait for a response
         {
         if ($mv_verified) # mv_nextpage
             {
             ::logError("rcvd valid verification page");    # 5 Aug 2025 DLE
             return(1);
             }
         }

     ::logError("timeout getting valid");    # 8 Aug 2025 DLE

return(0);

}

# from error.log in huldacpz showing 2 failed requests

213.230.93.86 uFZa8o7Q:213.230.93.86 - [12/August/2025:12:57:18 -0500] 
huldacpz /cgi-bin/cart.cgi/aboutus getting valid session id=uFZa8o7Q  
name=uFZa8o7Q:213.230.93.86   !!!

213.230.93.86 uFZa8o7Q:213.230.93.86 - [12/August/2025:12:58:18 -0500] 
huldacpz /cgi-bin/cart.cgi/aboutus timeout getting valid
213.230.93.86 uFZa8o7Q:213.230.93.86 - [12/August/2025:12:58:18 -0500] 
huldacpz /cgi-bin/cart.cgi/aboutus valid session id=uFZa8o7Q failed

14.169.226.68 RUbpxrpm:14.169.226.68 - [12/August/2025:12:57:22 -0500] 
huldacpz /cgi-bin/cart.cgi/zappercomparisonchart getting valid session 
id=RUbpxrpm  name=RUbpxrpm:14.169.226.68   !!!

14.169.226.68 RUbpxrpm:14.169.226.68 - [12/August/2025:12:58:22 -0500] 
huldacpz /cgi-bin/cart.cgi/zappercomparisonchart timeout getting valid
14.169.226.68 RUbpxrpm:14.169.226.68 - [12/August/2025:12:58:22 -0500] 
huldacpz /cgi-bin/cart.cgi/zappercomparisonchart valid session 
id=RUbpxrpm failed