Just upgraded website.

In the next day or so, I’m going to be upgrading the panda website. This will be a multi-step process:

Step 1. Install a new OS on a new machine.

Step 2. Lock the forums on the old machine.

Step 3. Copy the data over to the new machine.

Step 4. Change the DNS to point at the new machine.

So from your point of view, there will be a day or so where you can’t post, and then things will return to normal. I’m sure that I’ll fail to copy something or other, and it will probably take a few days to work the kinks out.

After the transition, you’ll notice a new antispam captcha on the phpbb2 registration page. You’ll also see that we’re running the latest version of everything (wiki, phpbb2, etc). Hopefully, you won’t notice any other changes.

Update: if you’re looking at this, the forum upgrade is complete.

o0 wow… being 2 days not online and missing all the fun :smiley:

Nice Job! :slight_smile:

Regards, Bigfoot29

panda3d.org/manual/index.php/Examp … _Community

The links in the above page (and probable more pages) need to be updated to link to the new forum. They link to /forum rather than the new /phpbb2


Well, it looks like the new web server isn’t stable. It ran for several days and then locked up. Once it locked up, it was totally inaccessible, even via the console. I get the impression that it ran out of RAM, but I’m not sure about that. I’ll be monitoring it for the next few days to see what happened.

I was wondering what happened. I thought it was me :wink: user error. Either that or the spambots were getting revenge by a denial-of-service attack :wink:

Hm. This is interesting, from the web server statistics:

Month Unique visitors Number of visits Pages Hits Bandwidth

22 Oct 2006 688 5670 46007 6.36 GB
23 Oct 2006 833 6762 45049 4.71 GB
24 Oct 2006 277 2993 18827 1.62 GB
25 Oct 2006 839 6761 46488 5.87 GB
26 Oct 2006 820 6464 39557 4.82 GB
27 Oct 2006 809 7494 49329 12.83 GB
28 Oct 2006 647 102668 139940 50.21 GB
29 Oct 2006 180 47461 54411 48.83 GB

It’s beginning to look like a DOS attack. Almost all the additional bandwidth is to one IP address. The server logs look like this: - - [29/Oct/2006:09:15:24 -0500] “POST /phpbb2/viewtopic.php?t=892&start=0 HTTP/1.1” 200 38992 “https://discourse.panda3d.org/viewtopic.php?t=903&view=previous” “Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)” - - [29/Oct/2006:09:15:28 -0500] “POST /phpbb2/viewtopic.php?t=892&start=0 HTTP/1.1” 200 38958 “https://discourse.panda3d.org/viewtopic.php?t=903&view=previous” “Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)” - - [29/Oct/2006:09:15:31 -0500] “POST /phpbb2/viewtopic.php?t=892&start=0 HTTP/1.1” 200 38980 “https://discourse.panda3d.org/viewtopic.php?t=903&view=previous” “Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)” - - [29/Oct/2006:09:15:42 -0500] “POST /phpbb2/viewtopic.php?t=892&start=0 HTTP/1.1” 200 39027 “https://discourse.panda3d.org/viewtopic.php?t=903&view=previous” “Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)” - - [29/Oct/2006:09:15:45 -0500] “POST /phpbb2/viewtopic.php?t=892&start=0 HTTP/1.1” 200 38989 “https://discourse.panda3d.org/viewtopic.php?t=903&view=previous” “Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)” - - [29/Oct/2006:09:15:48 -0500] “POST /phpbb2/viewtopic.php?t=892&start=0 HTTP/1.1” 200 38952 “https://discourse.panda3d.org/viewtopic.php?t=903&view=previous” “Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)” - - [29/Oct/2006:09:15:53 -0500] “POST /phpbb2/viewtopic.php?t=892&start=0 HTTP/1.1” 200 38956 “https://discourse.panda3d.org/viewtopic.php?t=903&view=previous” “Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)” - - [29/Oct/2006:09:15:56 -0500] “POST /phpbb2/viewtopic.php?t=892&start=0 HTTP/1.1” 200 39001 “https://discourse.panda3d.org/viewtopic.php?t=903&view=previous” “Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)” - - [29/Oct/2006:09:15:59 -0500] “POST /phpbb2/viewtopic.php?t=892&start=0 HTTP/1.1” 200 38987 “https://discourse.panda3d.org/viewtopic.php?t=903&view=previous” “Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)” - - [29/Oct/2006:09:16:03 -0500] “POST /phpbb2/viewtopic.php?t=892&start=0 HTTP/1.1” 200 38980 “https://discourse.panda3d.org/viewtopic.php?t=903&view=previous” “Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)” - - [29/Oct/2006:09:16:06 -0500] “POST /phpbb2/viewtopic.php?t=892&start=0 HTTP/1.1” 200 38966 “https://discourse.panda3d.org/viewtopic.php?t=903&view=previous” “Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)” - - [29/Oct/2006:09:16:10 -0500] “POST /phpbb2/viewtopic.php?t=892&start=0 HTTP/1.1” 200 38976 “https://discourse.panda3d.org/viewtopic.php?t=903&view=previous” “Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)” - - [29/Oct/2006:09:16:18 -0500] “POST /phpbb2/viewtopic.php?t=892&start=0 HTTP/1.1” 200 38972 “https://discourse.panda3d.org/viewtopic.php?t=903&view=previous” “Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)”

Anybody have any clue about what this could mean?

Well that is interesting. The netblock owner for - is Information Technology Corporation Tehran, Iran.

You can email this address for abuse:


This is from the whois data. It’s a start I guess.

Well, the web logs say it’s a windows 98 machine. My guess is, an infected one.

Well, from that section you posted, that could just be a user hitting refresh lots of times I guess, wondering why the webserver isn’t responding.

If so, they hit “refresh” a total of 193,421 times. :slight_smile:

Oh, nevermind then :wink:

Isn’t it possible to just block the IP if its always the same? Either using iptables or using Apache itself? (afaik there should be such a ability…)

Just my 2 (Euro-)cents :slight_smile:

Regards, Bigfoot29

Well, it went down again last night, and not because of a DOS this time. I just did a test — the webserver is allowing unlimited concurrent downloads, which it isn’t supposed to do. I’m going to see why it appears to be ignoring its config file.

Well, I’ve made two configuration changes. We’ll see how it goes:

  • I’ve reduced the max number of servers from 150 down to 50.

  • I’ve installed mod_limitipconn, and set the limit to 3 concurrent downloads per IP address.

Well, your changes seem to have worked Josh. :wink: The webserver was actually responding this morning.

knock on wood

josh, acccess any page i get

now when i reload the page immediatly, i will get to the page! so it’s a permanent ‘click-reload’ cycle for me to see each page.

I’m on OS X / Safari if that makes any difference.