Database attack of some sort right now

For general questions and discussions specific to the AbleCommerce GOLD ASP.Net shopping cart software.
Post Reply
foodsleuth
Commander (CMDR)
Commander (CMDR)
Posts: 139
Joined: Wed Mar 31, 2010 8:59 pm

Database attack of some sort right now

Post by foodsleuth » Thu Jul 25, 2019 5:30 pm

Hi,
If anyone can help, someone is "injecting" orders (attempted orders) into our system right now. I don't know their IP to block because we use cloudflare. They've loaded up almost 1100 baskets, I'm concerned the site will fail. Any help?
Thanks,
Barb

foodsleuth
Commander (CMDR)
Commander (CMDR)
Posts: 139
Joined: Wed Mar 31, 2010 8:59 pm

Re: Database attack of some sort right now

Post by foodsleuth » Thu Jul 25, 2019 5:45 pm

Short of shutting down SQL server I don't know what to do, it's not stopping. Is there a way to purge these bogus carts or otherwise stop this?
Thanks

jguengerich
Commodore (COMO)
Commodore (COMO)
Posts: 436
Joined: Tue May 07, 2013 1:59 pm

Re: Database attack of some sort right now

Post by jguengerich » Fri Jul 26, 2019 8:37 am

You could try turning off guest checkout and enabling Captcha.
Jay

foodsleuth
Commander (CMDR)
Commander (CMDR)
Posts: 139
Joined: Wed Mar 31, 2010 8:59 pm

Re: Database attack of some sort right now

Post by foodsleuth » Fri Jul 26, 2019 9:02 am

It's still going on, the basket has 30,000 items now, I can't stop this. How is this even possible?

jguengerich
Commodore (COMO)
Commodore (COMO)
Posts: 436
Joined: Tue May 07, 2013 1:59 pm

Re: Database attack of some sort right now

Post by jguengerich » Fri Jul 26, 2019 9:09 am

Did you try deleting the user?
Jay

foodsleuth
Commander (CMDR)
Commander (CMDR)
Posts: 139
Joined: Wed Mar 31, 2010 8:59 pm

Re: Database attack of some sort right now

Post by foodsleuth » Fri Jul 26, 2019 9:25 am

It's creating hundreds of users on hundreds of ip addresses and hundreds of carts (thousands)

foodsleuth
Commander (CMDR)
Commander (CMDR)
Posts: 139
Joined: Wed Mar 31, 2010 8:59 pm

Re: Database attack of some sort right now

Post by foodsleuth » Fri Jul 26, 2019 1:19 pm

In case anyone else has this problem, here is what I ended up doing:
1. Called my hosting company (managed hosting service) they said they could do nothing. They did say talk to Cloudflare.
2. Put in a support ticket to Cloudflare and I also set the site to "attack" mode. Cloudflare was able to see the real IP and I was able to setup firewall rules to block that IP and challenge any others from the same ASN, in case they just change their IP.
3. That traffic is still banging away at the server but Cloudflare is keeping it out so far.

That all said: I would like to purge those abandoned baskets out of the system because they've added a ton of bogus records to the database. Any thoughts how to do this? Do I recall from long ago some setting that says how long to store the carts?
Thanks

jguengerich
Commodore (COMO)
Commodore (COMO)
Posts: 436
Joined: Tue May 07, 2013 1:59 pm

Re: Database attack of some sort right now

Post by jguengerich » Fri Jul 26, 2019 1:36 pm

There are settings for how long to keep Anonymous users on Configure > Store > Maintenance. There are default settings and a tool to show how many there are and immediately delete them (based on number of days old). Not sure what the database performance will be if it has that many to delete.

If they are "real" users, it doesn't look like there is a setting.
Jay

foodsleuth
Commander (CMDR)
Commander (CMDR)
Posts: 139
Joined: Wed Mar 31, 2010 8:59 pm

Re: Database attack of some sort right now

Post by foodsleuth » Fri Jul 26, 2019 1:52 pm

Thanks Jay, these are not real users and I just found those settings. I knew where was something in somewhere! I'm going to run maintenance on the anonymous user (and their baskets) and the lord willing it should clean them all out. It says to do it off hours because it will probably bog down the site given my current anonymous user count is a whopping: 456319.
Thanks again for the assistance.
Barb

Post Reply