I'm getting DDOS-ed by my own pouchdb webapp

34 views
Skip to first unread message

Arnaud Loonstra

unread,
Feb 1, 2017, 9:23:00 PM2/1/17
to PouchDB
I have a website syncing a remote db to its local db. (pouchdb 6.1.1). Now it is live I'm getting bombarded with PUTs now and then. Already around 200000 this morning from this ip.

85.149.28.70 - - [29/Jan/2017:21:21:22 +0100] "PUT /db/ccstore/_local/rhiaLfaM.A6XR68SMk_PsQ%3D%3D HTTP/1.1" 409 340 "http://xxx.xxx.xxx.xx/" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko"
85.149.28.70 - - [29/Jan/2017:21:21:23 +0100] "PUT /db/ccstore/_local/rhiaLfaM.A6XR68SMk_PsQ%3D%3D HTTP/1.1" 409 340 "http://xxx.xxx.xxx.xx/" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko"
85.149.28.70 - - [29/Jan/2017:21:21:23 +0100] "PUT /db/ccstore/_local/rhiaLfaM.A6XR68SMk_PsQ%3D%3D HTTP/1.1" 409 340 "http://xxx.xxx.xxx.xx/" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko"
85.149.28.70 - - [29/Jan/2017:21:21:23 +0100] "PUT /db/ccstore/_local/rhiaLfaM.A6XR68SMk_PsQ%3D%3D HTTP/1.1" 409 340 "http://xxx.xxx.xxx.xx/" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko"
85.149.28.70 - - [29/Jan/2017:21:21:23 +0100] "PUT /db/ccstore/_local/rhiaLfaM.A6XR68SMk_PsQ%3D%3D HTTP/1.1" 409 340 "http://xxx.xxx.xxx.xx/" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko"
85.149.28.70 - - [29/Jan/2017:21:21:23 +0100] "PUT /db/ccstore/_local/rhiaLfaM.A6XR68SMk_PsQ%3D%3D HTTP/1.1" 409 340 "http://xxx.xxx.xxx.xx/" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko"
85.149.28.70 - - [29/Jan/2017:21:21:23 +0100] "PUT /db/ccstore/_local/rhiaLfaM.A6XR68SMk_PsQ%3D%3D HTTP/1.1" 409 340 "http://xxx.xxx.xxx.xx/" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko"
85.149.28.70 - - [29/Jan/2017:21:21:24 +0100] "PUT /db/ccstore/_local/rhiaLfaM.A6XR68SMk_PsQ%3D%3D HTTP/1.1" 409 340 "http://xxx.xxx.xxx.xx/" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko"
85.149.28.70 - - [29/Jan/2017:21:21:24 +0100] "PUT /db/ccstore/_local/rhiaLfaM.A6XR68SMk_PsQ%3D%3D HTTP/1.1" 409 340 "http://xxx.xxx.xxx.xx/" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko"

I know this is from a conflict probably from the sync call. Has anybody any advice what's best to do?

The website has very basic setup ie:

new PouchDB( this.dbName );
this.db.info( function ( err, info ) {
        this.db.changes( {
            live: true,
            include_docs: true,
            since: info.update_seq
        })
        .on( 'change', this.onDbChange.bind( this ) )
        .on( 'error', function ( err ) { dbg( 'info error', err ); });
    }.bind( this ) );

The backend is express-pouchdb (which I know has a memleak).

versions:
pou...@6.1.1
express...@2.2.0

Any poiniters really appreciated.

Rg,

Arnaud

Nolan Lawson

unread,
Feb 15, 2017, 4:31:21 PM2/15/17
to PouchDB
Thank you, we are tracking this issue here: https://github.com/pouchdb/pouchdb/issues/6190
Reply all
Reply to author
Forward
0 new messages