Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DDOS & other tries to connect to DB #10423

Closed
wants to merge 1 commit into from
Closed

DDOS & other tries to connect to DB #10423

wants to merge 1 commit into from

Conversation

osworx
Copy link
Contributor

@osworx osworx commented Feb 13, 2022

While the current solution is better as it was before, I would suggest the above changes.
With them, in no case an output is displayed, instead it is logged (is optional).

Optional the timeout could be also defined (in cases of DDOS, etc.) to cut the server load.

@osworx
DDOS & other tries to connect to DB
2efa7eb 
While the current solution is better as it was before, I would suggest the above changes.
With them, in no case an output is displayed, instead it is logged (is optional).

Optional the timeout could be also defined (in cases of DDOS, etc.) to cut the server load.
@ADDCreative
Copy link
Contributor

Setting MYSQLI_OPT_CONNECT_TIMEOUT after connection is pointless. You would need to set it before and use real_connect to connect.

This is only of any use for badly configured servers, which could be a lot judging by the forums. I would still throw a generic error message with no credentials, as will as the log. Otherwise there will be a load of forum posts about white screens.

@osworx
Copy link
Contributor Author

osworx commented Feb 13, 2022

@ADDCreative yes, you are right about the timeout.
Regarding the display of message, a generic and harmless text may better for some, I use in such cases only 2 dots: ..
Then I know there is something .. wrong ..
Or instead showing a message, redirecting to a generic .html "error page" ?

On the other side, if those "website owners" do not know what a "white screen" means, they have a problem in general!

@Khnaz35
Copy link

Khnaz35 commented Feb 13, 2022

I have tried the @osworx solution but i am getting the following error:

`Notice: Undefined variable: mysqli in /home/xyz/public_html/system/library/db/mysqli.php on line 17Notice: Trying to get property 'connect_errno' of non-object in /home/xyz/public_html/system/library/db/mysqli.php on line 17Notice: Undefined variable: mysqli in /home/xyz/public_html/system/library/db/mysqli.php on line 18Warning: Creating default object from empty value in /home/xyz/public_html/system/library/db/mysqli.php on line 19

Fatal error: Uncaught Error: Call to undefined method stdClass::set_charset() in /home/xyz/public_html/system/library/db/mysqli.php:20 Stack trace: #0 /home/xyz/public_html/system/library/db.php(31): DB\MySQLi->__construct('localhost', 'oxyzzzwed_bassJo...', '12eeeee-%E', 'xyzeyss', '3306') #1 /home/xyz/public_html/system/framework.php(80): DB->__construct('mysqli', 'localhost', 'oxyzzzwed_bassJo...', '12eeeee-%E', 'xyzeyss', '3306') #2 /home/xyz/public_html/system/startup.php(104): require_once('/home/xyz/...') #3 /home/xyz/public_html/index.php(21): start('catalog') #4 {main} thrown in /home/xyz/public_html/system/library/db/mysqli.php on line 20`

@ADDCreative
Copy link
Contributor

ADDCreative commented Feb 14, 2022
edited
Loading

@ADDCreative yes, you are right about the timeout. Regarding the display of message, a generic and harmless text may better for some, I use in such cases only 2 dots: .. Then I know there is something .. wrong .. Or instead showing a message, redirecting to a generic .html "error page" ?

I personally would bother with a redirect. Just simple text or even as you suggest 2 dots.

@osworx
Copy link
Contributor Author

osworx commented Feb 19, 2022

Because Daniel had made a change in the file: da5dd4e
I am closing this PR.

@osworx osworx closed this Feb 19, 2022
@osworx osworx deleted the patch-63 branch February 19, 2022 08:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@osworx @ADDCreative @Khnaz35