• Resolved PagonyMedia

    (@pagonymedia)


    Hi,
    We are an affiliate partner of a host provider. We have about 300 WP sites installed on our virtual server, and the provider itself also has quite a lot of them on its own part of the server.

    Monday afternoon the webmaster logged a serious attack. One sample line from the log:

    Jun 3 17:34:49 atma suhosin[61460]: ALERT – script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker ‘180.180.54.98’, file ‘/srv/pagonymedia/xxxxxx.hu/httpdocs/wp-content/plugins/all-in-one-seo-pack/all_in_one_seo_pack.php’, line 115)

    The attack stopped all WP sites for about 20 minutes. Then the problem was solved (somehow it was related to the well-known Trackback/Pingback – botnet – brute force attack issue), but our host provider disabled AIOSEOP for the whole server and they won’t let us use it if we can’t show a security fix release of the plugin.

    We only USE WordPress and All-In-One-SEO-Pack, but we are not code writers, so we cannot say anything more about it. Can you developers help us use our beloved AIOSEOP again?

    Many of us have hundreds of posts optimized with AIOSEOP and we really hate the idea of starting over again with another plugin… But AIOSEOP will not be enabled again on our server if we don’t have a security fix or at least a good explanation of what happened and how we can fix it or protect the server against it.

    Can you help us?

    Thanks in advance!

    https://www.ads-software.com/extend/plugins/all-in-one-seo-pack/

Viewing 3 replies - 1 through 3 (of 3 total)
  • PagonyMedia,

    This is not a security issue, and it’s nothing that WordPress core doesn’t do either; it and other plugins routinely raise or try to raise the PHP memory limit under a variety of circumstances. However, you can fix this by either commenting out / removing line 115 in that file, or by changing the define on line 63 in that same file to use a lower number for AIOSEOP_BASELINE_MEM_LIMIT — I’d recommend the latter approach. Ask your host what that limit is in bytes and use that number.

    Example – change line 61 in all_in_one_seo_pack.php to this to default to a 64MB memory limit initially:

    define( 'AIOSEOP_BASELINE_MEM_LIMIT', 67108864 ); // 64MB

    Thread Starter PagonyMedia

    (@pagonymedia)

    Thanks for your quick response!

    Glad I found this… I had exactly the same issue twice with one of my domains (memory limit was 128M) and had a server crash after the above-mentioned error message. What I find strange is that it happened with one domain only. I am using AIO with a number of other sites on the same server too and never experienced this issue with any of the other sites.

  • The topic ‘Server attack through AIOSEOP’ is closed to new replies.
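
For triaging a burst of alerts like the one quoted in this thread, the following is an added example, not part of the original posts and not code from the plugin or from Suhosin. It groups Suhosin memory_limit alerts by the file and line that made the call, so a single fixed call site reached by many clients stands out; Suhosin fills the "attacker" field with the client address of the request. The host name, paths and IP addresses in the sample are constructed placeholders.

```python
import re
from collections import defaultdict

# Accept the straight quotes Suhosin writes and the curly quotes that
# forum software substitutes when a log line is pasted into a post.
Q = "['\u2018\u2019]"
ALERT_RE = re.compile(
    r"suhosin\[\d+\]: ALERT\s+[-\u2013]\s+(?P<msg>.*?)\s+"
    rf"\(attacker {Q}(?P<ip>[^'\u2019]+){Q}, "
    rf"file {Q}(?P<file>[^'\u2019]+){Q}(?:, line (?P<line>\d+))?\)"
)
MEM_RE = re.compile(r"increase memory_limit to (\d+) bytes")

def parse_alert(line):
    """Return a dict for a Suhosin ALERT line, or None if it is not one."""
    m = ALERT_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["line"] = int(rec["line"]) if rec["line"] else None
    mem = MEM_RE.search(rec["msg"])
    rec["requested_bytes"] = int(mem.group(1)) if mem else None
    return rec

def summarize(lines):
    """Group memory_limit alerts by the code location that triggered them."""
    groups = defaultdict(lambda: {"count": 0, "ips": set(), "requested": set()})
    for rec in filter(None, map(parse_alert, lines)):
        if rec["requested_bytes"] is None:
            continue  # a different Suhosin alert class; triage separately
        g = groups[(rec["file"], rec["line"])]
        g["count"] += 1
        g["ips"].add(rec["ip"])
        g["requested"].add(rec["requested_bytes"])
    return dict(groups)

# Constructed sample lines (placeholder host, paths, documentation-range IPs).
_FMT = ("Jun 3 17:34:{s} web1 suhosin[61460]: ALERT - script tried to increase "
        "memory_limit to 268435456 bytes which is above the allowed value "
        "(attacker '{ip}', file '/srv/example/{site}/wp-content/plugins/"
        "all-in-one-seo-pack/all_in_one_seo_pack.php', line 115)")
SAMPLE = [
    _FMT.format(s=49, ip="203.0.113.7", site="site-a"),
    _FMT.format(s=50, ip="198.51.100.23", site="site-a"),
    _FMT.format(s=51, ip="203.0.113.7", site="site-b"),
    "Jun 3 17:34:52 web1 CRON[812]: (root) CMD (run-parts /etc/cron.hourly)",
]

if __name__ == "__main__":
    for (path, lineno), g in summarize(SAMPLE).items():
        print(g["count"], len(g["ips"]), sorted(g["requested"]), f"{path}:{lineno}")
```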