Announcement

Collapse
No announcement yet.

Session files?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Session files?

    Hi Guys

    we are having massive problems still with taking payments on our site, (more details here http://community.actinic.com/showthread.php?t=40383 if you are interested)

    we have noticed something strange with the session files on the server;

    - firstly there were over 44,000 of them! an closer inspection many many thousands of these are very similar or the same in file name, heres one;

    61Z255Z124Z3A1229327924B17248.session

    is it correct to say that this seession came from the ip address 61.255.124.3 ?

    I am wondering if this is some kind of sabotage as there are many thousands of sessions from this address, over many days, and almost constant throughout the day, several sessions per hour.

    I cannot download these files via ftp and cannot even delete them using dreamweaver but can using fetch ftp, very odd (its not easy deleting 44,000 files!)

    any thoughts anyone, we are having severe problems taking payments and really need some help please!

    thanks guys

    Barry

    #2
    If that is the IP address, the IP lookup can be found here
    Reusable Snore Earplugs : Sample Earplugs - Wax Earplugs - Women's Earplugs - Children's Earplugs - Music Earplugs - Sleep Masks

    Comment


      #3
      Can you perhaps block that IP server side?

      Comment


        #4
        Thanks for that Guccij, its getting odder and odder!

        I noticed that the session files were read only, so i changed permissions on a few and downloaded them. There are quite a few from legit customers and we can see the persons details in there, but these ones are blank, no persoanl details, heres the contents

        <SessionFile Version="1&#46;0">
        <URLInfo>
        <LASTPAGE>http&#58;&#47;&#47;www&#46;tshirtsville&#46;com&#47;acatalog&#47;index&#46;html</LASTPAGE>
        <LASTSHOPPAGE>http&#58;&#47;&#47;www&#46;tshirtsville&#46;com&#47;acatalog&#47;index&#46;html</LASTSHOPPAGE>
        <BASEURL>http&#58;&#47;&#47;www&#46;tshirtsville&#46;com&#47;acatalog&#47;</BASEURL>
        </URLInfo>
        <CheckoutInfo>
        <BillContact/>
        <ShipContact/>
        <ShipInfo/>
        <TaxInfo/>
        <GeneralInfo/>
        <PaymentInfo/>
        <LocationInfo/>
        </CheckoutInfo>
        <ShoppingCart/>
        <Payment/>
        <IPCheck/>
        </SessionFile>


        And from Korea too??? very strange

        im busy deleting them now, does anyone think that this could somehow be connected to all the horrible payment problems we have been having?

        cheers Guccij

        Comment


          #5
          thanks duncan, yes that seems like a good idea, would you say that .htacess woud be the best way to do that? and would you know the actual code to use?

          thanks for the feedback guys

          Comment


            #6
            we also have a lots of .mail files on the server, such as MM67SZ20002076.mail

            there are about 20 of these with dates sread around the last few weeks, when we download and open them, they are order receipt emails, i would imagine that they were not sent otherwise they would not be on the server

            anyone have any idea what these are or what causes them?

            Comment


              #7
              Hi Barry,

              I don't know about the mail files, but your posts on the number of session files are interesting.

              What do you have set for the cart expiry time? I'd expect the session files to get cleared up after that. And how old are some of these files?

              Mike
              -----------------------------------------

              First Tackle - Fly Fishing and Game Angling

              -----------------------------------------

              Comment


                #8
                Hi Mike

                Ive deleted them all now to clean up, i dont think any of them were older than a week or so

                Ive just looked in Business Settings > Payment & Security and the PSP pending period is set to delete after 11 days, do you think we should reduce that? although i think thats different from the session files is it?

                The shopping carts were set to delete after 999 hours! woah! ive reduced that to 96 hours and uploading now, that probably explains why there were so many session files would you say?

                I think we might have set that years ago in our naivety thinking that to give people as lomg as possible to come back and buy was teh sensible thing, probably not though!

                thanks for that Mike, much obliged

                Comment


                  #9
                  The shopping carts were set to delete after 999 hours! woah! ive reduced that to 96 hours and uploading now, that probably explains why there were so many session files would you say?
                  Almost certainly the problem. Most people use the default which I think is 2 hours. If you still get a lot then consider reducing it down again. No-one still expects the shopping cart to still be there 4 days after they started it. (OK maybe someone ocasionally does, but they can always start again).

                  Mike
                  -----------------------------------------

                  First Tackle - Fly Fishing and Game Angling

                  -----------------------------------------

                  Comment


                    #10
                    Originally posted by olderscot View Post
                    ...No-one still expects the shopping cart to still be there 4 days after they started it...
                    Will probably mess up stock controls too.

                    Comment


                      #11
                      Thanks SO much for all your input guys, its working now im delighted to say!!

                      I think the whole problem, the Hsbc payment problemand the paypal problem, were all to do with these session files and they way they were being set and not deleted!

                      The fix suggested by webfusion on this thread also didnt work, http://community.actinic.com/showthread.php?t=40383 although i think that storing these files in a temp folder instead of the root is certainly something we will try again should this problem come up again

                      Although i think there is a chance that we have only fixed the symptom and not the real problem, i will report back to this thread what happens. Hopefully this fix will at least get us through Christmas

                      Ive just checked on the server and there are quite a few .session files building up, nothing out of control yet, keeping a close eye, there are also a good few .session.OPN files which i presume are cureent or open sessions are they? Im also seeing quite a few .occ files which were not there yesterday. Again if i find out more ill post back here to complete the thread for future users

                      This thread is the solution to this one regarding Hsbc
                      http://community.actinic.com/showthread.php?t=25573

                      and this one (Hsbc and paypal problems)
                      http://community.actinic.com/showthread.php?t=40383

                      Once again thanks for your help guys, we would still be suffering if it wasnt for the info on this board and the thought processes that communication with helpful likeminded colleagues can bring to the table

                      Happy Christmas Amigos

                      Comment


                        #12
                        I'm glad it's sorted Barry. I hope you now find time to relax and enjoy the rest of your christmas.

                        Mike
                        -----------------------------------------

                        First Tackle - Fly Fishing and Game Angling

                        -----------------------------------------

                        Comment


                          #13
                          Yes, what Mike said!
                          And double thanks for posting what worked (and what didn't)
                          That sort of information is invaluable to people who (might LOL) search for a similar problem.
                          Tracey

                          Comment


                            #14
                            Aaaaaw thanks guys, really appreciate that!

                            Happy Christmas everyone

                            Comment

                            Working...
                            X