Gossamer Forum
Home : Products : DBMan : Discussions :

really weird: files keep disappearing from auth/ folder

Quote Reply
really weird: files keep disappearing from auth/ folder
hi, today, for me out of the blue, a client informs me that when he logs in, he gets to see the extra options and as soon as he wants to go there (say add, modify etc) he needs to login again.

the site has been working well for years in the current way

the site hasn't reached it's quotum o the server either (have seen that corrupting textfiles)

I use the cookie mod, and have been looking but couldn't find anything

so i went to look what's causing it, and files from the auth/ folder just disappear, without an action from that user

so i changed auth to auth-new and that didn't change anything (to see it was a malicious script on the server, could still be so, for example if they read the cfg file, but still)

so i logged in, saw the user file in the auth folder and quickly switched the webserver off. I kept refreshing the folder (ssh) but after 20 seconds, the file disappeared again.

the server that the website runs on, has been ddos attacked lately, and sometimes still is but the server is now protected better.

could this been done by some kind of attack?

I'm really clueless now as to what is causing this.

Any ideas would be really appreciated.

Thanks.
Quote Reply
Re: [Lex] really weird: files keep disappearing from auth/ folder In reply to
I'm assuming you checked this first, but just in case check your .cfg to see how much time you provided to remain logged in:

$auth_time = 600; # (10 minutes) ## $auth_time = 1200; # (20 minutes) or: $auth_time = 21600; # 6 hours (in seconds)

If that doesn't help check the DBMan faq for a possible solution. There are a few threads where people had issue with the auth directory.

I searched using the keywords search for "auth" and found these:

record 969 - Invalid/Expired user session
record 974 - Problem with authenticated users

Hope this helps

Unoffical DBMan FAQ
http://redundantcartridge.com/dbman/