[ic] Fwd: continuing problems with routine to stop DDos attack working but has problems

davideth at whojamadoogle.com davideth at whojamadoogle.com
Tue Aug 12 20:00:46 UTC 2025 

Would it be better if the checkbox was called from dispatch.pm before 
session activity?


On 8/12/25 14:35, davideth at whojamadoogle.com wrote:
> The problem is that interchange is now generating excess resource 
> usage which locks up interchange.
>
> In session.pm
>
> sub new_session {
>     my($seed) = @_;
>     my($name);
>     my $Val;
>
>     ::logError("getting valid session id=$Vend::SessionID 
> name=$Vend::SessionName   !!!");    # 11 Aug 2025 DLE
> # clear valid page and continue
>     if (::display_init_page('valid') eq 0 )
>     {
>     ::logError("valid session id=$Vend::SessionID failed");
>     close_session();
>     return;
>     }
>
> # continue normal session generation
>
>     ::logError("rcvd valid session id=$Vend::SessionID  !!!"); # 12 
> Aug 2025 DLE
>
>     open_session();
>
> # ...
>
> }
>
> sub display_init_page
>     {
> #    my ($field,$value,$opt) = @_;
>     my $mv_verified = "";
>     my ($name1);
>     my $start_time = time();
>     my $timeout = 60; # 120 seconds
>     my $timeout2 = 5; # 120 seconds
>     my $i = 0;
>     my $ref;
>
>     ::display_page('valid');   # this send the checkbox to remote IP
>
>     while (time() - $start_time < $timeout)    # wait for a response
>         {
>         if ($mv_verified) # mv_nextpage
>             {
>             ::logError("rcvd valid verification page");    # 5 Aug 
> 2025 DLE
>             return(1);
>             }
>         }
>
>     ::logError("timeout getting valid");    # 8 Aug 2025 DLE
>
> return(0);
>
> }
>
>
> # from error.log in huldacpz showing 2 failed requests
>
> 213.230.93.86 uFZa8o7Q:213.230.93.86 - [12/August/2025:12:57:18 -0500] 
> huldacpz /cgi-bin/cart.cgi/aboutus getting valid session id=uFZa8o7Q  
> name=uFZa8o7Q:213.230.93.86   !!!
>
> 213.230.93.86 uFZa8o7Q:213.230.93.86 - [12/August/2025:12:58:18 -0500] 
> huldacpz /cgi-bin/cart.cgi/aboutus timeout getting valid
> 213.230.93.86 uFZa8o7Q:213.230.93.86 - [12/August/2025:12:58:18 -0500] 
> huldacpz /cgi-bin/cart.cgi/aboutus valid session id=uFZa8o7Q failed
>
>
> 14.169.226.68 RUbpxrpm:14.169.226.68 - [12/August/2025:12:57:22 -0500] 
> huldacpz /cgi-bin/cart.cgi/zappercomparisonchart getting valid session 
> id=RUbpxrpm  name=RUbpxrpm:14.169.226.68   !!!
>
> 14.169.226.68 RUbpxrpm:14.169.226.68 - [12/August/2025:12:58:22 -0500] 
> huldacpz /cgi-bin/cart.cgi/zappercomparisonchart timeout getting valid
> 14.169.226.68 RUbpxrpm:14.169.226.68 - [12/August/2025:12:58:22 -0500] 
> huldacpz /cgi-bin/cart.cgi/zappercomparisonchart valid session 
> id=RUbpxrpm failed
>
>

More information about the interchange-users mailing list