Ticket system failing

S

seba

Verified User
Joined
Jan 7, 2014
Messages
6
The ticket system seems to be failing: https://tickets.directadmin.com/ , seems like the disk is full:

Code: 
Warning: session_start(): open(/tmp/sess_58c0e7106fe4e2d9a18aaea679fcee1c, O_RDWR) failed: No space left on device (28) in /home/tickets/domains/tickets.directadmin.com/private_html/index.php on line 4

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/tickets/domains/tickets.directadmin.com/private_html/index.php:4) in /home/tickets/domains/tickets.directadmin.com/private_html/index.php on line 4

Warning: Cannot modify header information - headers already sent by (output started at /home/tickets/domains/tickets.directadmin.com/private_html/index.php:4) in /home/tickets/domains/tickets.directadmin.com/private_html/index.php on line 7
 
Hello all,

Just to let you all know, it's a DDOS on our server, trying to get into the /clients area, incrementing through all client account numbers, just one attempt each.
The rate-limiter is working fine, so they're mainly bouncing off of that and wasting their time, but it was still creating too many session files, hence the inodes got maxed out.
Looking at the values they're attempting with, they'll never get in, so I'm not worried about it, but I've changed the cleanup routines for php session files so they don't hang around after the failed login.

Even with that being said, always use a strong password for your client account and we also recommend using a Two-Factor Authentication in your /clients accounts for an added layer of security.

To confirm, there has been no security breach, just too many session files ;)

Sorry for the inconvenience!

John
 
You must log in or register to reply here.
Back
Top