Results 1 to 3 of 3
  1. #1
    Join Date
    Mar 2010
    Posts
    83
    Plugin Contributions
    0

    Default We are seemingly under a shopping cart exhaustion attack

    Hello,

    We have been seeing slow performance on our site for the past week. I dug in further and found it was because MySQL was pegging the CPU at 95%. Looking in the admin it appears that a bad actor is sending hundreds of shopping cart requests from different IP address in the same subnet originating in Hong Kong.

    Name:  2019-10-21_20-14-03.jpg
Views: 94
Size:  43.9 KB

    It looks like they are trying to exhaust the resources of the web server by engaging in this attack.

    Any thoughts on how this can be prevented? We are running on 1.5.6c.

  2. #2
    Join Date
    Jul 2012
    Posts
    16,718
    Plugin Contributions
    17

    Default Re: We are seemingly under a shopping cart exhaustion attack

    Most obvious but counterproductive is to stop hosting a site.

    Next though far more realistic is to begin blocking the originating area using .htaccess or other such blocking tools so that they do not have the opportunity to really use resources.

    Other than that, it's really unfortunately a part of being on the Internet which is why I started above the way I did.
    ZC Installation/Maintenance Support <- Site
    Contribution for contributions welcome...

  3. #3
    Join Date
    Mar 2010
    Posts
    83
    Plugin Contributions
    0

    Default Re: We are seemingly under a shopping cart exhaustion attack

    Yeah I thought about blocking. I was interested to see if there was some new issue that came out in 1.5.6c that made this possible since this coincides with the site be upgraded to 1.5.6c.

    If not, any other suggestions?

 

 

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR