Total de publicaciones:
94
Karma:
558
Unido:
13/3/2015
Ubicación:
Belgium
Hello guys, Today I tried to visit my site and found it offline. I quickly checked my error pages and saw that my database (1 GB allocated) was full. First thing I did was expand the allocated DB size in Smarterasp to 2GB. I came back to check on the database size literally 5 minutes later and found it grew 40mb in size! I checked the tables and saw tremendous amounts of guest users. Up to 10 guest users created every second for the past few days. In the error logs I see the follwing: Error sending e-mail. Failure sending mail. This also up to 10 times every second. Am I right to assume I'm under attack? What to do? Kind regards, Jef
Total de publicaciones:
145
Karma:
810
Unido:
8/11/2011
Ubicación:
United States
Same problem here, I just posted about it. Also smarterasp. Kenny
Total de publicaciones:
94
Karma:
558
Unido:
13/3/2015
Ubicación:
Belgium
I looked into my database. The following tables are using the most space: Customer 116541 rows Customer_Customer 116551 rows GenericAttribute 118918 rows Log 240255 rows Deleting my guest users for the current day and clearing the log, decreased the database size to 500 Mb which is normal. Kind regards, Jef
MVP
Socio de Solución de Oro
Desarrollador Certificado
Total de publicaciones:
2139
Karma:
22181
Unido:
23/7/2009
Ubicación:
India
Hi Jef, Thank you for sharing these details. Keep monitoring to understand the issue. And I guess, you already enabled the scheduled task to delete guest customers. You should also check traffic from google analytics to see if these are real users or crawlers or something else! Regards, Krunal
Total de publicaciones:
94
Karma:
558
Unido:
13/3/2015
Ubicación:
Belgium
Hello, I can't find any anomalies in Google Analytics. I also receive 503 frequently when trying to do something like opening an article.
Total de publicaciones:
94
Karma:
558
Unido:
13/3/2015
Ubicación:
Belgium
Hello, I checked the IIS Raw logs on SmarterASP. Good call. I see a bunch of this: 2017-10-02 23:57:30 POST /productemailafriend/2816 - 114.103.92.19 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:54.0)+Gecko/20100101+Firefox/54.0 https://www.brickhunters.be/be/productemailafriend/2816 200 29572 1918 2017-10-02 23:57:30 POST /productemailafriend/2816 - 49.81.50.225 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:54.0)+Gecko/20100101+Firefox/54.0 https://www.brickhunters.be/be/productemailafriend/2816 200 29572 2720 2017-10-02 23:57:30 POST /productemailafriend/2816 - 103.240.182.49 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:54.0)+Gecko/20100101+Firefox/54.0 https://www.brickhunters.be/be/productemailafriend/2816 200 29572 1869 2017-10-02 23:57:30 POST /productemailafriend/2816 - 114.235.153.158 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:54.0)+Gecko/20100101+Firefox/54.0 https://www.brickhunters.be/be/productemailafriend/2816 200 29572 2469 2017-10-02 23:57:30 POST /productemailafriend/2816 - 183.160.73.42 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:54.0)+Gecko/20100101+Firefox/54.0 https://www.brickhunters.be/be/productemailafriend/2816 200 29572 1868 2017-10-02 23:57:30 POST /productemailafriend/2816 - 114.235.153.13 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:54.0)+Gecko/20100101+Firefox/54.0 https://www.brickhunters.be/be/productemailafriend/2816 200 29572 1921 2017-10-02 23:57:30 POST /productemailafriend/2816 - 114.234.144.118 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:54.0)+Gecko/20100101+Firefox/54.0 https://www.brickhunters.be/be/productemailafriend/2816 200 29572 1956 This is a ridiculous amount.
MVP
Socio de Solución de Oro
Desarrollador Certificado
Total de publicaciones:
2139
Karma:
22181
Unido:
23/7/2009
Ubicación:
India
Seems like an automated requests from multiple IPs. Do you allow email a friend for guest users?
Total de publicaciones:
94
Karma:
558
Unido:
13/3/2015
Ubicación:
Belgium
I guess so. Do you think disabling it would help any further? If so, how can I do that?