Skip to:
Content
Pages
Categories
Search
Top
Bottom

Too many requests in short time


  • teamclasspro
    Participant

    @teamclasspro

    Hello !

    So basically, it looks like something related to buddypress results in the users making too many requests in a short amount of time. Because of this, those users look suspicious to the server rules and they get banned. Here is a log for one of them :

    21/Jan/2018:21:39:47 +0000|v1|109.131.108.xxx|classpro.be|301|0|127.0.0.1:9002|2.028|2.028|GET /wp-content/plugins/buddypress/bp-core/js/vendor/moment-js/locale/fr.min.js%20defer?ver=2.9.2 HTTP/1.0|0|0
    21/Jan/2018:21:39:50 +0000|v1|109.131.108.xxx|classpro.be|200|133317|127.0.0.1:9002|2.616|2.616|GET /online-learning-apps/ HTTP/1.0|0|0
    21/Jan/2018:21:39:58 +0000|v1|109.131.108.xxx|classpro.be|200|135059|127.0.0.1:9002|2.425|2.425|GET /course/stat-stat-s101-seances-10-11-12/ HTTP/1.0|0|0
    21/Jan/2018:21:40:00 +0000|v1|109.131.108.xxx|classpro.be|301|0|127.0.0.1:9002|2.033|2.033|GET /wp-content/plugins/buddypress/bp-core/js/vendor/moment-js/locale/fr.min.js'%20defer%20?ver=2.9.2 HTTP/1.0|0|0
    21/Jan/2018:21:40:04 +0000|v1|109.131.108.xxx|classpro.be|301|0|127.0.0.1:9002|3.222|3.222|GET /wp-content/plugins/buddypress/bp-core/js/vendor/moment-js/locale/fr.min.js%20defer?ver=2.9.2 HTTP/1.0|0|0
    21/Jan/2018:21:40:07 +0000|v1|109.131.108.xxx|classpro.be|200|133317|127.0.0.1:9002|3.163|3.163|GET /online-learning-apps/ HTTP/1.0|0|0
    21/Jan/2018:21:40:39 +0000|v1|109.131.108.xxx|classpro.be|200|130085|127.0.0.1:9002|2.137|2.137|GET /unit/stat-stat-s101-seance-2-3-4-ex1/?id=4389 HTTP/1.0|0|0
    21/Jan/2018:21:40:42 +0000|v1|109.131.108.xxx|classpro.be|200|208|127.0.0.1:6789|1.795|1.795|POST /?wc-ajax=get_refreshed_fragments HTTP/1.0|0|0
    21/Jan/2018:21:40:55 +0000|v1|109.131.108.xxx|classpro.be|301|0|127.0.0.1:9002|1.825|1.825|GET /members/lina/course HTTP/1.0|0|0
    21/Jan/2018:21:40:57 +0000|v1|109.131.108.xxx|classpro.be|200|126695|127.0.0.1:9002|2.155|2.155|GET /members/lina/course/ HTTP/1.0|0|0
    21/Jan/2018:21:40:59 +0000|v1|109.131.108.xxx|classpro.be|301|0|127.0.0.1:9002|1.769|1.769|GET /wp-content/plugins/buddypress/bp-core/js/vendor/moment-js/locale/fr.min.js'%20defer%20?ver=2.9.2 HTTP/1.0|0|0
    21/Jan/2018:21:41:01 +0000|v1|109.131.108.xxx|classpro.be|301|0|127.0.0.1:9002|1.725|1.725|GET /wp-content/plugins/buddypress/bp-core/js/vendor/moment-js/locale/fr.min.js%20defer?ver=2.9.2 HTTP/1.0|0|0
    21/Jan/2018:21:41:02 +0000|v1|109.131.108.xxx|classpro.be|499|0|127.0.0.1:9002|-|0.711|GET /online-learning-apps/ HTTP/1.0|0|0
    21/Jan/2018:21:41:05 +0000|v1|109.131.108.xxx|classpro.be|200|135056|127.0.0.1:9002|3.516|3.516|GET /course/stat-stat-s101-seances-10-11-12/ HTTP/1.0|0|0
    21/Jan/2018:21:41:08 +0000|v1|109.131.108.xxx|classpro.be|301|0|127.0.0.1:9002|1.672|1.672|GET /wp-content/plugins/buddypress/bp-core/js/vendor/moment-js/locale/fr.min.js'%20defer%20?ver=2.9.2 HTTP/1.0|0|0
    21/Jan/2018:21:41:10 +0000|v1|109.131.108.xxx|classpro.be|301|0|127.0.0.1:9002|1.669|1.669|GET /wp-content/plugins/buddypress/bp-core/js/vendor/moment-js/locale/fr.min.js%20defer?ver=2.9.2 HTTP/1.0|0|0
    21/Jan/2018:21:41:14 +0000|v1|109.131.108.xxx|classpro.be|499|0|127.0.0.1:9002|-|2.590|GET /online-learning-apps/ HTTP/1.0|0|0
    21/Jan/2018:21:41:16 +0000|v1|109.131.108.xxx|classpro.be|200|130010|127.0.0.1:9002|2.857|2.857|GET /unit/stat-stat-s101-seances-10-11-12-ex1/?id=4484 HTTP/1.0|0|0
    21/Jan/2018:21:41:21 +0000|v1|109.131.108.xxx|classpro.be|200|130010|127.0.0.1:9002|2.667|2.667|GET /unit/stat-stat-s101-seances-10-11-12-ex1/?id=4484 HTTP/1.0|0|0
    21/Jan/2018:22:57:32 +0000|v1|109.131.108.xxx|classpro.be|301|0|127.0.0.1:9002|1.743|1.743|GET /members/lina/course HTTP/1.0|0|0
    21/Jan/2018:22:57:35 +0000|v1|109.131.108.xxx|classpro.be|200|127953|127.0.0.1:9002|2.300|2.300|GET /members/lina/course/ HTTP/1.0|0|0
    21/Jan/2018:22:57:36 +0000|v1|109.131.108.xxx|classpro.be|301|0|127.0.0.1:9002|1.647|1.647|GET /wp-content/plugins/buddypress/bp-core/js/vendor/moment-js/locale/fr.min.js'%20defer%20?ver=2.9.2 HTTP/1.0|0|0
    21/Jan/2018:22:57:38 +0000|v1|109.131.108.xxx|classpro.be|301|0|127.0.0.1:9002|1.766|1.766|GET /wp-content/plugins/buddypress/bp-core/js/vendor/moment-js/locale/fr.min.js%20defer?ver=2.9.2 HTTP/1.0|0|0
    21/Jan/2018:22:57:41 +0000|v1|109.131.108.xxx|classpro.be|200|134575|127.0.0.1:9002|2.242|2.242|GET /online-learning-apps/ HTTP/1.0|0|0
    21/Jan/2018:22:57:43 +0000|v1|109.131.108.xxx|classpro.be|200|1717|127.0.0.1:6789|1.666|1.666|POST /?wc-ajax=get_refreshed_fragments HTTP/1.0|0|0
    21/Jan/2018:22:57:43 +0000|v1|109.131.108.xxx|classpro.be|200|1149|127.0.0.1:6789|1.936|1.936|POST /wp-admin/admin-ajax.php HTTP/1.0|0|0
    21/Jan/2018:22:58:06 +0000|v1|109.131.108.xxx|classpro.be|499|0|127.0.0.1:9002|-|1.898|GET /ulb-video-solvay-econ-stat/ HTTP/1.0|0|0
    21/Jan/2018:22:58:09 +0000|v1|109.131.108.xxx|classpro.be|200|136617|127.0.0.1:9002|3.255|3.255|GET /ulb-video-solvay-econ-stat/ HTTP/1.0|0|0
    21/Jan/2018:22:58:18 +0000|v1|109.131.108.xxx|classpro.be|200|137275|127.0.0.1:9002|2.752|2.752|GET /course/stat-stat-s101-seances-5-6-7/ HTTP/1.0|0|0

    This user got it’s IP banned shortly after. It looks like it’s calling a file in the bp-core a lot and we thought it might be linked to the issue. Do you see something wrong in this log ?

    Buddypress : Version 2.9.2
    Wordpress : Version 4.9.2
    Website : http://www.classpro.be

    Thanks a lot for your help !

  • You must be logged in to reply to this topic.
Skip to toolbar