cancel
Showing results for 
Search instead for 
Did you mean: 

Session file problem

Session file problem

Hi,

I am experiencing a major problem with session files... only seems to of manifested itself since moving host.

But basically, magento keeps creating multiple sessions per minute... I just logged in and in the space of just over 12 hours I found over 30,000 session files.

I dont know why its doing this, or what process is creating them but the website has not had 30,000 visitors in that period of time.

Any advise is much appreciated.

Thank You

4 REPLIES

Re: Session file problem

What specific version of Magento 1.9 are you on?

How are you saving the sessions?

What is the lifetime of the sessions?

Can you do a diff to make sure all the code is in there and correct (like nothing was hacked)?

-Kris
4x Certified, Blogger @ xgento.com

Re: Session file problem

It's usually caused by PHP which is unable for some reason wipe old session files. The "some reason" is usually poorly configured hosting. Easiest way to get around it is to create a cron job that removes outdated sessions. It's by no means ideal approach nor elegant, but it keeps your system alive (read: not running out of inodes) until you find more permanent solution. 

Tanel Raja

Re: Session file problem

Hi, sorry didn't update sooner.

Magento latest 1.9.2.4, I've altered session life and divisor and probability values etc and implemented a cleanup Script.

It has become apparent though this was the beginning of a ramped up DDOS attack.

It started out with the session files somethings a few thousand like 3-5k and other times 30-50k

Then website started running a bit slow around midday for 2 days for about 30 minutes only.

Then next day, the website was becoming slow for most of the day and server was returning timeout errors, and errors about SQL server being inaccessible etc... Server was maxing out its VPS resources like high CPU usage and ram.

In the end I took website offline for a few hours to make sure everything was up to date and secure.

Was fine rest of night and this morning, then first attack came at 2pm, host reported that server was hit with 800,000 packets a second equivalent to 9.1Gbps and because their datacentre couldn't sustain it the connection was null routed.

Came back on, then 10pm got another mail saying was hit again and website was offline at 9pm with 110,000,000 packets a second but was back on, at 10:15 was off again so most likely another attack, but host is having trouble tracing it... Because they said before they can trace is properly the null routing kicks in to protect their datacentre connection.

So that's the score.. A ramped up and sustained attack that has been ramped up over a week and half or so.

Re: Session file problem

11,000,000 rather