Chughtai Posted December 10, 2013 (edited December 10, 2013 by bsource)
I am experiencing a DOS attack on my prestashop 1.5.6.1 latest updated... Need Help

doekia Posted December 10, 2013
Weird question... DOS attack is something not related to a solution. If the question is whether Prestashop is relatively secure and tries its best against site penetration / SQL injection, the answer is yes ...

vekia Posted December 10, 2013
Can you show logs? Why do you think that it's a DOS?

Chughtai (Author) Posted December 10, 2013
There is some security loophole in prestashop, a fake user is accessing a page that does not exist, which is causing my SQL to overload. Here is the link, what is http://scottishkiltshop.com/en/8-jackets?selected_filters=availability-not_available%2Fchest_size-47%2Fsleeve_length-255%2Fwaist_size-50

Chughtai (Author) Posted December 10, 2013
Someone is creating 40-50 or even more sessions on my website with the above URL, which does not exist on my website, therefore my SQL server hangs up.. They are using the following range of IPs for the attack: 66.249.74.* We have installed a firewall on the server, and when we try to block this range of IPs, it shows the IP does not exist..

Chughtai (Author) Posted December 10, 2013
Here are the SQL processes/queries stuck on my SQL server and creating load.
| 4 | scottiv1_user | localhost | scottish_shop | Query | 291 | Sending data | SELECT p.`id_product`, product_shop.`condition`, p.`id_manufacturer`, sa.`quantity`, p.`weight` , m. |
| 28 | root | localhost | NULL | Query | 0 | NULL | show processlist |
| 51 | scottiv1_user | localhost | scottish_shop | Query | 108 | Sending data | SELECT p.`id_product`, product_shop.`condition`, p.`id_manufacturer`, sa.`quantity`, p.`weight` , m. |

doekia Posted December 10, 2013
Deactivate your blocklayered, it should help the SQL.
blocklayered can have a pretty massive impact when the set of choices increases.

doekia Posted December 10, 2013
> they are using following range of ips for attack 66.249.74.*
This is googlebot!!! Adjust your robots.txt to prevent such impact.

Chughtai (Author) Posted December 10, 2013
How to deactivate blocklayered?

taoufiqaitali Posted December 10, 2013
blocklayered is a module in prestashop, disable it and see.

benjamin utterback Posted December 10, 2013
> There is some security loophole in prestashop, a fake user is accessing a page that does not exist, which is causing my SQL to overload. Here is the link, what is http://scottishkiltshop.com/en/8-jackets?selected_filters=availability-not_available%2Fchest_size-47%2Fsleeve_length-255%2Fwaist_size-50
Can you explain this a little more? We take security extremely seriously, how is this a loophole?

vekia Posted December 10, 2013
Benjamin, it's a simple bot from Google. I don't think that it's related to a hole in prestashop.

benjamin utterback Posted December 10, 2013
> Benjamin, it's a simple bot from Google. I don't think that it's related to a hole in prestashop.
Hi Milos, I agree, but just wanted to make sure that is clear. If this is not a DOS attack (which we don't think it is at all) maybe we should change the title to avoid confusion.

Chughtai (Author) Posted December 10, 2013
This is not google bot, after reading your recommendation we blocked access of all bots but we are still under attack.. I am using comm100 chat support software, which shows certain incoming connections from the same range of IPs, generating such bad queries which start creating load on our server.

Chughtai (Author) Posted December 10, 2013
> blocklayered is a module in prestashop, disable it and see.
Taufique, I disabled the Layered navigation block, but the problem is still there.

Chughtai (Author) Posted December 10, 2013
Here is the screen shot of my comm100 chat support panel..

Chughtai (Author) Posted December 10, 2013
Another screen shot of comm100, which shows 35 concurrent sessions from the same range of IPs.

benjamin utterback Posted December 10, 2013
This does not relate to the software set up or security. Instead, you should contact your hosting provider for more information.

Chughtai (Author) Posted December 10, 2013 (edited December 10, 2013 by Chughtai)
I had hours of conversation with bluehost vps tier 3 level support, they asked me to do the following things..
- Install firewall on server
- disable bad bots access
- tight firewall security
After applying all the above, they are unable to solve the issue, they said it's my software issue.. so what should I do..

Chughtai (Author) Posted December 10, 2013
> Deactivate your blocklayered, it should help the SQL.
> blocklayered can have a pretty massive impact when the set of choices increases.
After disabling the Layered navigation block, there is a tremendous difference in load, but still a hell of a lot of traffic from the same range of IPs.

benjamin utterback Posted December 10, 2013
Did they explain to you how they are official google bots crawling your website? A good tool to use is a Reverse DNS Lookup.
Read this: https://support.google.com/webmasters/answer/80553?hl=en
You can use WhoIs to do a reverse DNS: http://whois.net/reverse-dns-ip-lookup/
Strange that they did not tell you that!

doekia Posted December 10, 2013
Now your blocklayered is disabled, hence your SQL goes better.
The IPs are not badbot, I doubt you've been talking to any tech at Level3 about that since:
32.74.249.66.in-addr.arpa. 86400 IN PTR crawl-66-249-74-32.googlebot.com.
51.74.249.66.in-addr.arpa. 86400 IN PTR crawl-66-249-74-51.googlebot.com.
Now you just need to edit your robots.txt, add:
* Disallow /
Actually your module has filled googlebot with zillions of URLs, reason they can't stop trying.
Configure your robots.txt to properly ignore some hash/url.
Case closed.
PS: Return proper HTTP code should you be facing too high rate, such as 469. Googlebot obeys those btw.

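Added example (not part of the original thread): the reverse-DNS check from the two posts above, extended with the forward confirmation that stops a spoofed PTR from passing. The suffix list, the `SAMPLE_*` records and the helper names are assumptions for illustration; only the first PTR name comes from the thread.

```python
import ipaddress
import socket

GOOGLE_SUFFIXES = (".googlebot.com", ".google.com")  # assumed allow-list

def system_reverse(ip):
    """PTR lookup through the system resolver; None if no record."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_forward(host):
    """A/AAAA lookup through the system resolver; set of address strings."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(host, None)}
    except OSError:
        return set()

def is_verified_googlebot(ip, reverse=system_reverse, forward=system_forward):
    """True only if the PTR name is under a Google suffix AND that name
    resolves back to the same IP (forward-confirmed reverse DNS)."""
    addr = ipaddress.ip_address(ip)  # ValueError on malformed input
    host = (reverse(str(addr)) or "").rstrip(".").lower()
    if not host.endswith(GOOGLE_SUFFIXES):
        return False
    return str(addr) in forward(host)

# Constructed records for an offline run. The first PTR is the one quoted in
# the thread; the A record and the other two hosts are made up.
SAMPLE_PTR = {
    "66.249.74.32": "crawl-66-249-74-32.googlebot.com.",
    "203.0.113.7": "crawl-66-249-74-32.googlebot.com.",  # spoofed PTR
    "198.51.100.9": "host9.example.net.",
}
SAMPLE_A = {"crawl-66-249-74-32.googlebot.com": {"66.249.74.32"}}

def check_sample(ip):
    """Run the check against the constructed records instead of live DNS."""
    return is_verified_googlebot(ip, SAMPLE_PTR.get,
                                 lambda h: SAMPLE_A.get(h, set()))

if __name__ == "__main__":
    for ip in SAMPLE_PTR:
        print(ip, "verified Googlebot" if check_sample(ip) else "NOT verified")
```

Calling `is_verified_googlebot(ip)` with no resolver arguments uses live DNS; traffic that fails the check while sending a Googlebot User-Agent is a candidate for firewall blocking, while verified crawler traffic is better handled through robots.txt.
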
benjamin utterback Posted December 10, 2013
> Now your blocklayered is disabled, hence your SQL goes better.
> The IPs are not badbot, I doubt you've been talking to any tech at Level3 about that since:
This is true. Chughtai, although you can disable it. 35 concurrent IPs on a VPS is not going to make a big difference. They are crawling your lost pages, maybe for SEO and referencing.

Chughtai (Author) Posted December 10, 2013 (edited December 10, 2013 by Chughtai)
Server load is much more stable, and it is not overloading after disabling the layered navigation block.. but may I know what is the purpose of the Layered navigation block in prestashop and why it was using too much server resources..

Chughtai (Author) Posted December 10, 2013
doekia, thank you very much for your help..

doekia Posted December 10, 2013
You're welcome.
Regarding blocklayered, it generates a lot of URLs for the purpose of providing some smart search mechanism. When your search options get really wide, that can fool crawlers about your content (basically they try every set of options).
You better prevent crawlers from indexing them (robots.txt excluded path).
And bear in mind that layered search also has an impact on your server in regard to the combinations that need to be fetched ...
The rule of thumb is keep it simple, and have a consensus between what you would like to offer vs how much that impacts your perf.

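Added example (not part of the original thread or of PrestaShop): a small matcher for the `*` and `$` wildcards Googlebot honours in robots.txt, used to check that an exclusion rule covers the layered-navigation URL posted earlier without blocking the plain category page. The `Disallow` rule and the function names are assumptions for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumed rule for this example; it targets the selected_filters parameter
# seen in the URL from the thread.
ROBOTS_TXT = """\
User-agent: *
Disallow: /*selected_filters=
"""

FILTER_URL = ("http://scottishkiltshop.com/en/8-jackets?selected_filters="
              "availability-not_available%2Fchest_size-47"
              "%2Fsleeve_length-255%2Fwaist_size-50")
CATEGORY_URL = "http://scottishkiltshop.com/en/8-jackets"

def parse_disallow(robots_txt, agent="*"):
    """Disallow patterns of the group for `agent` (simplified: one
    User-agent line per group, Allow rules not handled)."""
    patterns, active = [], False
    for raw in robots_txt.splitlines():
        line = raw.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        field, value = (part.strip() for part in line.split(":", 1))
        if field.lower() == "user-agent":
            active = value == agent
        elif field.lower() == "disallow" and active and value:
            patterns.append(value)
    return patterns

def pattern_to_regex(pattern):
    """'*' matches any run of characters; a trailing '$' anchors the end."""
    anchored = pattern.endswith("$")
    body = pattern[:-1] if anchored else pattern
    regex = ".*".join(re.escape(piece) for piece in body.split("*"))
    return re.compile(regex + ("$" if anchored else ""))

def is_blocked(url, patterns):
    """Match path plus query string, which is what the crawler compares."""
    parts = urlsplit(url)
    target = parts.path + ("?" + parts.query if parts.query else "")
    return any(pattern_to_regex(p).match(target) for p in patterns)

if __name__ == "__main__":
    rules = parse_disallow(ROBOTS_TXT)
    for url in (FILTER_URL, CATEGORY_URL):
        print("blocked" if is_blocked(url, rules) else "allowed", url)
```

robots.txt only steers crawlers that choose to obey it, so it reduces load from verified Googlebot but does nothing against clients that ignore it.
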
El Patron Posted March 29, 2014
I was looking at blocklayered for other purposes and did see that you can tell blocklayered to allow or disable bot index http://screencast.com/t/9eKXmLc7I3