Geo Stelar Posted January 9, 2011 Share Posted January 9, 2011 I'm getting a bunch of session-related errors in the error log coming from IP addresses owned by Microsoft with no known users attached to them. I have added that range to the blocker, we'll see if this helps.So far, I think it has helped.. At least for me. I don't get the errors anymore. Link to comment Share on other sites More sharing options...
eman96 Posted January 9, 2011 Share Posted January 9, 2011 Nothing happened to me so far... Link to comment Share on other sites More sharing options...
CrypticQuery Posted January 9, 2011 Share Posted January 9, 2011 Looking good on my front; usually when I visit the site and attempt to click on something for the first time, I get logged out, but everything seems to currently be in order :) Link to comment Share on other sites More sharing options...
Vixie Darkmatter Posted January 9, 2011 Share Posted January 9, 2011 I just got hit with a few 500 errors. I had to close the window and reopen it to view the site again. Link to comment Share on other sites More sharing options...
DZComposer Posted January 9, 2011 Author Share Posted January 9, 2011 Looking at the logs now, I think it is a valid assumption that these session issues were related the the attempted session-hijacking attack. It's actually good that the sessions terminated, as the attacker could have compromised accounts had they not.I'm going to switch back to db-driven sessions now, as they are the better way of doing thins. You may get logged-out again because of this. Link to comment Share on other sites More sharing options...
Arashikage Posted January 9, 2011 Share Posted January 9, 2011 yeah, Vixie can't sign on anymore, all she's getting is 500 errors Link to comment Share on other sites More sharing options...
DZComposer Posted January 9, 2011 Author Share Posted January 9, 2011 Hmm... Error logs say "premature end of script headers" for the 500s. Quite a bit today. "Premature End of Script Headers" in this case means that procwatch is killing the forum process. Nothing I can do about that until we can move to a VPS (we're getting too big for shared hosting). I have to pay-off some debts before I can afford to do that (keeping this place running is starting to get expensive...).Just tell her to keep trying. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now