[opencms-dev] Ddos attack

Диканский Андрей Юрьевич adikanskii at ncfu.ru
Thu Jun 23 14:05:12 CEST 2022 

Hello All!

Our site is under ddos attack. We are using OpenCMS 10.5.4.
We have lots of entries in accecss log in apache like this:
111.119.195.30 - - [20/Jun/2022:08:49:55 +0300] "GET / HTTP/1.1" 301 6264 "http://www.villamagnoliarelais.com/plugins/system/plugin_googlemap2/plugin_googlemap2_proxy.php?url=https%3A//www.ncfu.ru/" "Links (2.1pre20; NetBSD 2.1_STABLE i386; 145x54)"
We made apache rule in our config
RewriteCond “{HTTP_REFERER}” “plugin_googlemap2”
RewriteRule ^.*$ - [F]
Now we have 403 in access log in apache. But server still losses connection. And we have timed out connection error.

We made another virtual machine with ngnix in order to filter traffic and pass to openCms only filtered request.
But when we turn on our traffic with ngnix machine, openCms works a little time and then failed. In open CMS log I can see error: MySQLNonTransientConnectionException: Data source rejected establishment of connection, message from server: “Too many connections”.
Ngnix server machine generates enormous traffic top openCms machine. And it can not to manage it.
Log in ngnix looks like this:
- [23/Jun/2022:14:02:04 +0300] "GET /opencms/ HTTP/1.1" 301 -
10.200.1.88 - - [23/Jun/2022:14:02:04 +0300] "GET /opencms/ HTTP/1.1" 301 -
10.200.1.88 - - [23/Jun/2022:14:02:04 +0300] "GET /opencms/ HTTP/1.1" 301 -
10.200.1.88 - - [23/Jun/2022:14:02:04 +0300] "GET /opencms/ HTTP/1.1" 301 -
10.200.1.88 - - [23/Jun/2022:14:02:04 +0300] "GET /opencms/ HTTP/1.1" 301 -
10.200.1.88 - - [23/Jun/2022:14:02:04 +0300] "GET /opencms/ HTTP/1.1" 301 -
10.200.1.88 - - [23/Jun/2022:14:02:04 +0300] "GET /opencms/ HTTP/1.1" 301 -
10.200.1.88 - - [23/Jun/2022:14:02:04 +0300] "GET /opencms/ HTTP/1.1" 301

NgNix settings in attachment.

Can you give an advice how to filter traffic with external ngnix server and pass it to opencms? Or may be any suggestions in such situation?

Andrew Dikansky

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opencms.org/pipermail/opencms-dev/attachments/20220623/57b321be/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot 2022-06-23 143003.png
Type: image/png
Size: 128958 bytes
Desc: Screenshot 2022-06-23 143003.png
URL: <http://lists.opencms.org/pipermail/opencms-dev/attachments/20220623/57b321be/attachment.png>

More information about the opencms-dev mailing list