Question Stealing is like a DOS attack

Status
Not open for further replies.
H

Home Alone

Customer
I went live with the shop addon and enabled the steal function. Some users created a bot that when it found someone with a high amount of credits it kept stealing from them in rapid fashion until all of their credits were gone. The result of this was a DOS like attack on the server that kept resulting in Nginx gateway errors. When I investigated I saw hundreds of these mysql processes running at once:


# User@Host: newlsa[newlsa] @ [192.168.0.72]
# Thread_id: 19575537 Schema: newlsa QC_hit: No
# Query_time: 1.211768 Lock_time: 0.000010 Rows_sent: 5 Rows_examined: 391458
# Rows_affected: 0 Bytes_sent: 36818
SET timestamp=1616974924;
SELECT xf_user.*
FROM xf_user

WHERE (xf_user.is_banned = 0) AND (xf_user.user_state = 'valid')
ORDER BY xf_user.dbtech_credits_credits DESC

LIMIT 5;
# Time: 210328 18:42:05
# User@Host: newlsa[newlsa] @ [192.168.0.72]
# Thread_id: 19575593 Schema: newlsa QC_hit: No
# Query_time: 1.268547 Lock_time: 0.000009 Rows_sent: 5 Rows_examined: 391458
# Rows_affected: 0 Bytes_sent: 36818
SET timestamp=1616974925;
SELECT xf_user.*
FROM xf_user

WHERE (xf_user.is_banned = 0) AND (xf_user.user_state = 'valid')
ORDER BY xf_user.dbtech_credits_credits DESC

LIMIT 5;

I had to shut the webservers down to allow the MySQL server to catch up.

Is there a way to throttle the steal function? Is there a way to limit the number of steal attempts allowed in one day?
 
That query is from the rich list, it has nothing to do with the steal feature. There's no throttling feature at this time, so I would recommend banning those members instead.
 
No, but the rich list loads whenever you click the currency link to get the pop-up.
 
Hello @Home Alone,

We hope your ticket regarding DragonByte Shop has been addressed to your satisfaction. This ticket has now been scheduled to be closed.

If your ticket has not been resolved, you can reply to this thread at any point in the next 7 days in order to reopen the ticket, afterwards this thread will be closed.

Please do not reply to this thread if your ticket has been resolved.

Thank you.


- DragonByte Technologies, Ltd.
 
Hello @Home Alone,

As we have not heard back from you, your ticket regarding DragonByte Shop has now been closed.

If your ticket has not been resolved, please feel free to start a new support ticket and link back to this ticket.

If you have time, please leave a review on XenForo.com's Resource Manager.

Thank you.


- DragonByte Technologies, Ltd.
 
Status
Not open for further replies.

Similar threads

J
  • Locked
  • Support ticket Support ticket
Bug Slooooow Queries
Replies
7
Views
1K
DragonByte Technologies
DragonByte Technologies
H
  • Locked
  • Support ticket Support ticket
Question Long running query
2
Replies
25
Views
2K
DragonByte Technologies
DragonByte Technologies
H
  • Locked
  • Support ticket Support ticket
Question Slow Queries
Tags Tags
404 big board button cache forum instance mods mysql only performance query shop ten thanks mod thread timestamp user
Replies
5
Views
1K
Fillip H.
Fillip H.
M
  • Locked
  • Support ticket Support ticket
Bug Slow MYsql Query
Tags Tags
forumid mysql open post query ten thread timestamp user vbulletin
Replies
1
Views
744
Fillip H.
Fillip H.
H
  • Locked
  • Support ticket Support ticket
Question MySQL Slow Query
Tags Tags
database forum mysql only options query server settings threads timestamp user usertag
Replies
1
Views
598
Fillip H.
Fillip H.

DragonByte Shop

XenForo 1.5.3+ XenForo 2.0.x XenForo 2.1.x XenForo 2.2.x XenForo 2.3.x
Seller
DragonByte Technologies
Release date
Last update
Total downloads
3,372
Customer rating
5.00 star(s) 3 ratings
Back
Top