41
Security / Re: Add custom rules to defender
« Last post by ArXoS on January 26, 2025, 23:26:07 »Thanks man !
Recent Posts
42
Security / Re: Add custom rules to defender
« Last post by datahell on January 26, 2025, 21:48:57 »Separate different filters by |
Use backslash \ to escape special characters such as dots and dashes.
The first index of the array denotes where to search (URI, QUERY, POST, AGENT, REFERER, IP, GET, etc...)
For instance the one bellow will not allow the existence in URL of the words moon, saturn, jupiter and pluto.
array('URI,QUERY', 'moon|saturn|jupiter|pluto', 'I dont like astronomy!'),
See general.rules.php to get more ideas.
Use backslash \ to escape special characters such as dots and dashes.
The first index of the array denotes where to search (URI, QUERY, POST, AGENT, REFERER, IP, GET, etc...)
For instance the one bellow will not allow the existence in URL of the words moon, saturn, jupiter and pluto.
array('URI,QUERY', 'moon|saturn|jupiter|pluto', 'I dont like astronomy!'),
See general.rules.php to get more ideas.
43
General / Re: too many fatal errors
« Last post by datahell on January 26, 2025, 21:40:20 »Persistent db connections
Elxis configuration file:
DB_PERSISTENT = 0
Save sessions in files (DON'T DO IT)
Elxis configuration file:
SESSION_HANDLER = files (saves in Elxis folder repository/session/)
or
SESSION_HANDLER = none (saves in server per-configured path - make sure the setting is correct in your PHP)
Defender
Defender might block from the first time, depends on the type of attack. In this case marks 3 blocks with 1 attack and therefor bans immediately.
You can enable IPs and IP ranges in Defender (it rocks, but makes the site a little slower).
Elxis administration > Settins > Security > Elxis defender: Enable General rules, IP and IP ranges
Tip: Do not strength security in Elxis Defender too much for a long period as it slows down your site. Elxis is secure even with Defender disabled. Regardless the attacks you have nothing to fear from Elxis. Just make sure you have all the updates applied and you store no insecure or forgotten files and scripts on site.
Elxis configuration file:
DB_PERSISTENT = 0
Save sessions in files (DON'T DO IT)
Elxis configuration file:
SESSION_HANDLER = files (saves in Elxis folder repository/session/)
or
SESSION_HANDLER = none (saves in server per-configured path - make sure the setting is correct in your PHP)
Defender
Defender might block from the first time, depends on the type of attack. In this case marks 3 blocks with 1 attack and therefor bans immediately.
You can enable IPs and IP ranges in Defender (it rocks, but makes the site a little slower).
Elxis administration > Settins > Security > Elxis defender: Enable General rules, IP and IP ranges
Tip: Do not strength security in Elxis Defender too much for a long period as it slows down your site. Elxis is secure even with Defender disabled. Regardless the attacks you have nothing to fear from Elxis. Just make sure you have all the updates applied and you store no insecure or forgotten files and scripts on site.
44
Security / Add custom rules to defender
« Last post by ArXoS on January 26, 2025, 15:48:27 »Hello elxis.
I want to protect from extra scan/ URL queries
For example, i have lots of scans for mysite/test1/...... and mysite/test2/........
What's the right syntax of the line for custom.rules.php ?
or
Regards
I want to protect from extra scan/ URL queries
For example, i have lots of scans for mysite/test1/...... and mysite/test2/........
What's the right syntax of the line for custom.rules.php ?
Code: [Select]
array('URI,QUERY', 'test1|test2' , 'Common CMS scan')or
Code: [Select]
array('URI,QUERY', 'test1\test2' , 'Common CMS scan'Regards
45
General / Re: too many fatal errors
« Last post by ArXoS on January 26, 2025, 09:30:50 »Thanks for your reply
According to this, the good news are that the first connections have access to the site and the next requests are on hold. This is something
I think that i am facing this for security reasons. Too many attacks. Anyway
2 questions :
1. How can i stop persistent database connections? Is this possible on a shared hosting ?
2. How can i save sessions in files ? Is this an elxis configuration?
3. How can i force defender to ban ips from their first attack instead of third?
According to this, the good news are that the first connections have access to the site and the next requests are on hold. This is something
I think that i am facing this for security reasons. Too many attacks. Anyway
2 questions :
1. How can i stop persistent database connections? Is this possible on a shared hosting ?
2. How can i save sessions in files ? Is this an elxis configuration?
3. How can i force defender to ban ips from their first attack instead of third?
46
General / Re: too many fatal errors
« Last post by datahell on January 24, 2025, 19:53:44 »Yes, I am 100% sure. Don't be confused by the error in Elxis.
PHP in Elxis tells you "I cannot save the session to the database". Why? Because the database connection closed (gone away). Without database connection all related database queries will though a php error. Session related queries are one of the first towards the database so it is very possible for the error to occur there.
Why the database connection failed? Because it reached the limit of "max_user_connections".
Why? Possible reasons:
1. You have a low limit -> increase it
2. Your site lately has really many visitors -> increase it
3. Your site faces attacks (many visitors) -> increase it and block attacks
Tip: If you allow persistent database connections, stop it.
The default value of max_connections is 151
Consider this example:
You have max_user_connections = 10
You have 9 connections active
You request a page a new connection opens (10th)
A new request tries to open a new connection. Due to the limit the previous one closes in order to open a new one. The user of the previous connection gets an error.
You could select in Elxis configuration to save sessions in files instead of database. However I dont recommend it:
1. It is slower
2. It will not stop from errors. The error most probably will just happen in a next db query.
PHP in Elxis tells you "I cannot save the session to the database". Why? Because the database connection closed (gone away). Without database connection all related database queries will though a php error. Session related queries are one of the first towards the database so it is very possible for the error to occur there.
Why the database connection failed? Because it reached the limit of "max_user_connections".
Why? Possible reasons:
1. You have a low limit -> increase it
2. Your site lately has really many visitors -> increase it
3. Your site faces attacks (many visitors) -> increase it and block attacks
Tip: If you allow persistent database connections, stop it.
The default value of max_connections is 151
Consider this example:
You have max_user_connections = 10
You have 9 connections active
You request a page a new connection opens (10th)
A new request tries to open a new connection. Due to the limit the previous one closes in order to open a new one. The user of the previous connection gets an error.
You could select in Elxis configuration to save sessions in files instead of database. However I dont recommend it:
1. It is slower
2. It will not stop from errors. The error most probably will just happen in a next db query.
47
General / Re: too many fatal errors
« Last post by ArXoS on January 23, 2025, 23:30:57 »Datahell, are we are sure that this is the problem ?
The traffic isnt so high, i have visitors about 20 per day an now there are about 8 online visitors and site is down.
Its not logical to reach max Connection
This is my fatal error message
[2025-01-23 23:21:02] ERROR in file /home/mousali/public_html/includes/libraries/elxis/database/statement.class.php line 43
Uncaught PDOException: SQLSTATE[HY000]: General error: 2006 MySQL server has gone away in /home/mousali/public_html/includes/libraries/elxis/database/statement.class.php:43
Stack trace:
#0 /home/mousali/public_html/includes/libraries/elxis/database/statement.class.php(43): PDOStatement->execute(NULL)
#1 /home/mousali/public_html/includes/libraries/elxis/database/table.class.php(55): elxisPDOStatement->execute()
#2 /home/mousali/public_html/includes/libraries/elxis/session.class.php(516): elxisDbTable->load('0b1983764e41c8e...')
#3 [internal function]: elxisSession->database_read('0b1983764e41c8e...')
#4 /home/mousali/public_html/includes/libraries/elxis/session.class.php(202): session_start()
#5 /home/mousali/public_html/includes/libraries/elxis/session.class.php(160): elxisSession->start()
#6 /home/mousali/public_html/includes/libraries/elxis/factory.class.php(160): elxisSession->__construct(Array)
#7 /home/mousali/public_html/includes/libraries/elxis/framework.class.php(69): eFactory::getSession(Array)
#8 /
The traffic isnt so high, i have visitors about 20 per day an now there are about 8 online visitors and site is down.
Its not logical to reach max Connection
This is my fatal error message
[2025-01-23 23:21:02] ERROR in file /home/mousali/public_html/includes/libraries/elxis/database/statement.class.php line 43
Uncaught PDOException: SQLSTATE[HY000]: General error: 2006 MySQL server has gone away in /home/mousali/public_html/includes/libraries/elxis/database/statement.class.php:43
Stack trace:
#0 /home/mousali/public_html/includes/libraries/elxis/database/statement.class.php(43): PDOStatement->execute(NULL)
#1 /home/mousali/public_html/includes/libraries/elxis/database/table.class.php(55): elxisPDOStatement->execute()
#2 /home/mousali/public_html/includes/libraries/elxis/session.class.php(516): elxisDbTable->load('0b1983764e41c8e...')
#3 [internal function]: elxisSession->database_read('0b1983764e41c8e...')
#4 /home/mousali/public_html/includes/libraries/elxis/session.class.php(202): session_start()
#5 /home/mousali/public_html/includes/libraries/elxis/session.class.php(160): elxisSession->start()
#6 /home/mousali/public_html/includes/libraries/elxis/factory.class.php(160): elxisSession->__construct(Array)
#7 /home/mousali/public_html/includes/libraries/elxis/framework.class.php(69): eFactory::getSession(Array)
#8 /
48
General / Re: too many fatal errors
« Last post by ArXoS on January 23, 2025, 22:21:11 »Datahell thanks for your answer.
Is there any way to kill active connections sooner to keep max users into limits ?
Is there any way to kill active connections sooner to keep max users into limits ?
49
General / Re: too many fatal errors
« Last post by datahell on January 23, 2025, 14:49:02 »This has nothing to do with Elxis or PHP. There is a setting in MySQL database named "max_user_connections", as your logs write, which limits the maximum number of simultaneously connections. If you reach this limit the database refuses new connections and therefor you get an error from MySQL. To solve this problem increase the value of max_user_connections
50
General / Re: too many fatal errors
« Last post by ArXoS on January 23, 2025, 13:36:30 »site comes up with this
Fatal error
Unrecoverable error!
Database connection failed! SQLSTATE[HY000] [1203] User mousali_2024 already has more than 'max_user_connections' active connections
Reference code: SEC-DBC1203
Fatal error
Unrecoverable error!
Database connection failed! SQLSTATE[HY000] [1203] User mousali_2024 already has more than 'max_user_connections' active connections
Reference code: SEC-DBC1203