SitePoint Sponsor

User Tag List

Results 1 to 6 of 6
  1. #1
    SitePoint Member
    Join Date
    Aug 2005
    Posts
    3
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Ack! Orkut is killing my server

    Not by hotlinking images, but by using my url redirection site to hotlink a .js file. Makes no sense, but I'm getting thousands of requests every second for the file i.cx/1ya coming from http://www.orkut.com.br/Main. If my server was able to keep up with the requests, it would serve up a redirect to rodlac.com.br/js/xss.js (which is not loading right now, perhaps because too many requests were passed through before I shut down the redirect).

    I've tried signing up to Orkut.com.br but google insists on showing me the ".com" site, even after I said I was from Brasil, so I can't view the source code for the page in question. Meanwhile, I tried dumping all traffic with "orkut" in the referrer, but there are still too many requests. I've had to change nameservers for my site so it doesn't resolve, though the requests are still coming in at an overwhelming rate. Obviously I'd like to get the site back up soon.

    Suggestions? I don't see any support link at orkut.com that suggests I will get a quick response to this, and I want to get my site back up asap. Can someone from Brazil login and find where it's being pulled in the source code? Thanks!

  2. #2
    SitePoint Member
    Join Date
    Sep 2010
    Posts
    2
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hey!

    I'm from Brazil, and I know what's happening. It's a code for orkut that a guy created that loads a Brazil's flag image on an user profile. this image has a script, and the source code of the script is on your server. This script sends the same flag to other users, and they see it, sending to others and others... It's a security fail in orkut. Millions of users has seen the flag, and requested the souce code for your server. Please delete the link from your server, so, we here in Brazil can stop recieving this worm.

    Thanks =D

  3. #3
    SitePoint Member
    Join Date
    Aug 2005
    Posts
    3
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi thanks for the information! I have had to take down the entire URL redirection website temporarily, it was killing the entire server. Before disabling the website I set all requests for this specific URL redirect to return a blank page, but just serving thousands of blank pages a second was too much. Can you tell me is this still a problem? Has Orkut fixed the problem yet? I need to get i.cx back up asap.

  4. #4
    Programming Team silver trophybronze trophy
    Mittineague's Avatar
    Join Date
    Jul 2005
    Location
    West Springfield, Massachusetts
    Posts
    17,153
    Mentioned
    190 Post(s)
    Tagged
    2 Thread(s)
    Instead of returning a blank page, can you return 410 GONE HTTP headers for the URL instead?

  5. #5
    SitePoint Member
    Join Date
    Sep 2010
    Posts
    2
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Orkut has fiked it and deleted all the users who created the worm, so you can bak up your server now. Thanks for stopping the worm and sorry, in name of all Orkut users!

  6. #6
    SitePoint Member
    Join Date
    Aug 2005
    Posts
    3
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hey brunobehnken tks for letting me know it's fixed! I never got a response from Google/Orkut. :-(

    @Mittineague I had tried various redirects with .htaccess but the request load was still way to high.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •