[mapguide-users] Re: Error: Session has expired or is invalid. Please log in again. > Server Crash from Asia IP (EVERYDAY!)

Zac Spitzer zac.spitzer at gmail.com
Mon May 14 23:35:19 EDT 2012

2.4 has changes to the ACE threading which helps the server
scale much better on windows

Ryan is correct, the normal way to address DoS attacks is
with firewalls, proxies and such other software which sits out
front of the application server.

As you are using an open source product in production, presumably
in a commercial situation, how about engaging a developer
or sponsoring the project to investigate address your problems?


On Tue, May 15, 2012 at 5:28 AM, Chris Gountanis
<cgountanis at mpowerinnovations.com> wrote:
> Not to beat a dead horse but are there any fixes in 2.4 that would prevent
> this type DoS attack? The billion time error "Error: Session has expired or
> is invalid. Please log in again." obviously doesn't help anyone but I am
> hoping the dev team is on top of this. I really wonder what the hacker is
> sending in a short amount of time (brute force?) that is crashing the web
> service and eventually MapGuide 2.2. I feel very unsafe right now, I hope
> there are no exploits that actually allow a server to be comprised.
> --
> View this message in context: http://osgeo-org.1560.n6.nabble.com/Error-Session-has-expired-or-is-invalid-Please-log-in-again-Server-Crash-from-Asia-IP-EVERYDAY-tp4974449p4974546.html
> Sent from the MapGuide Users mailing list archive at Nabble.com.
> _______________________________________________
> mapguide-users mailing list
> mapguide-users at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/mapguide-users

Zac Spitzer
Solution Architect / Director
Ennoble Consultancy Australia
+61 405 847 168

More information about the mapguide-users mailing list