https://bugs.kde.org/show_bug.cgi?id=379193
Bug ID: 379193
Summary: DDoSing discover/featured-5.9.json ocs/providers.xml
Product: Discover
Version: 5.9.4
Platform: Other
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: NOR
Component: discover
Assignee: aleix...@kde.org
Reporter: j...@jriddell.org
Target Milestone: ---
<bcooksley> okay, Discover has a severe DOS bug then
<bcooksley> I see a pattern repeating over and over
<bcooksley> where the url /ocs/providers.xml is absolutely slammed very hard
<bcooksley> and I mean like 20 requests in a single second hard
<bcooksley> at the same time that IP also hits that discover featured url
<Riddell> https://autoconfig.kde.org/discover/featured-5.9.json is what is
looks for
<bcooksley> yep, thats the vhost that gets hammered
<bcooksley> (it hits download.kde.org/ocs/providers.xml first though)
<bcooksley> is there any reason why it would want to fetch 20 or so copies of
the OCS providers.xml file?
--
You are receiving this mail because:
You are watching all bug changes.
