2.4 has changes to the ACE threading which helps the server scale much better on windows
Ryan is correct, the normal way to address DoS attacks is with firewalls, proxies and such other software which sits out front of the application server. As you are using an open source product in production, presumably in a commercial situation, how about engaging a developer or sponsoring the project to investigate address your problems? z On Tue, May 15, 2012 at 5:28 AM, Chris Gountanis <cgounta...@mpowerinnovations.com> wrote: > Not to beat a dead horse but are there any fixes in 2.4 that would prevent > this type DoS attack? The billion time error "Error: Session has expired or > is invalid. Please log in again." obviously doesn't help anyone but I am > hoping the dev team is on top of this. I really wonder what the hacker is > sending in a short amount of time (brute force?) that is crashing the web > service and eventually MapGuide 2.2. I feel very unsafe right now, I hope > there are no exploits that actually allow a server to be comprised. > > -- > View this message in context: > http://osgeo-org.1560.n6.nabble.com/Error-Session-has-expired-or-is-invalid-Please-log-in-again-Server-Crash-from-Asia-IP-EVERYDAY-tp4974449p4974546.html > Sent from the MapGuide Users mailing list archive at Nabble.com. > _______________________________________________ > mapguide-users mailing list > mapguide-users@lists.osgeo.org > http://lists.osgeo.org/mailman/listinfo/mapguide-users -- Zac Spitzer Solution Architect / Director Ennoble Consultancy Australia http://www.ennoble.com.au http://zacster.blogspot.com +61 405 847 168 _______________________________________________ mapguide-users mailing list mapguide-users@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/mapguide-users