On Fri, 2010-06-11 at 19:56 +0530, Shreyas wrote: > I agree with Ash's comment. > > You should probably dig in deeper and see if those IPs are indeed valid. > Given the way the sites are being attacked (DDoS, SQL Injection et al), you > could be seeing one. If you see a high load and your website is accessed by > users spread globally, you should try out a Content Delivery Network like > Akamai to meet the scale and improve the performance of your web-site > without compromising on the end-user's site navigation experience. > > Regards, > Shreyas > > On Fri, Jun 11, 2010 at 3:06 PM, Ashley Sheridan > <ash@xxxxxxxxxxxxxxxxxxxx>wrote: > > > On Fri, 2010-06-11 at 15:13 +0530, Peter wrote: > > > > > Hi Ashley, > > > > > > Thanks for your answer. > > > > > > When too many users log in at the same time, the server gets loaded > > > with multiple sessions files that leads to complexity and crashes the > > > server. In such cases how do we handle this ? > > > > > > Thanks in advance > > > > > > Peter > > > > > > > > > Ashley Sheridan wrote: > > > > > > > On Fri, 2010-06-11 at 13:01 +0530, Peter wrote: > > > > > > > > > > > > > > > > > Hi All, > > > > > > > > > > My Question is "How does php server identify that the particular > > session > > > > > belongs to particular user?" > > > > > > > > > > Please help me out > > > > > > > > > > Regards > > > > > Peter.m > > > > > > > > > > > > > > > > > > > > > > > > > > All the session data is stored on the server either in a database, file > > > > or memory against a unique ID value. The server handles how this is > > > > done, and it's likely you won't ever need to get involved with changing > > > > how it does things. > > > > > > > > >From the client-side of things; the user agent (browser) sends this > > > > unique ID either as part of the URL or with the headers as a post > > > > variable, which is why you may see a PHP_SESSION_ID (or something > > > > similar) index in the $_REQUEST array when you use session_start() in > > > > your scripts. > > > > > > > > Has this helped? > > > > > > > > Thanks, > > > > Ash > > > > http://www.ashleysheridan.co.uk > > > > > > > > > > > > > > > > > > > > > > I don't think it's the sessions that are crashing your server, it's more > > than likely something else. What is the server load when you notice the > > crashes? How many people are visiting your site simultaneously at that > > point? > > > > Thanks, > > Ash > > http://www.ashleysheridan.co.uk > > > > > > > > It might not even be as bad as that. It could be that you're just hitting the max number of connections that the server is configured to handle, or that the current number of connections is reaching the memory limit. Maybe the sessions are set up to be stored in files on the server on a separate partition, and that has reached capacity? There are a number of reasons which could cause the server to appear that the sessions are causing a problem that is not a DDoS attack ;) Thanks, Ash http://www.ashleysheridan.co.uk
