Mattermost Peer-to-Peer Forum

(Solved) DDoS Mattermost, with Mattermost


#1

For feature requests, please see: http://www.mattermost.org/feature-requests/.

For troubleshooting questions, please post in the following format:

Summary

We managed to DDoS Mattermost and our applications, thanks to a link in a message

Steps to reproduce

How can we reproduce the issue (what version are you using?)

We are using Mattermost version 5.3.1.

Here are the steps to reproduce:

  1. Call a invalid url in our application, that create an error in our application
  2. The application generates a notification to Mattermost containing the called url in payload
  3. Mattermost (I don’t why and how) called the url included in notification
  4. The application send a new notification
  5. Repeat until DDoS both Mattermost and our application

Expected behavior

Describe your issue in detail

Mattermost should not call the url that is in a message.

Observed behavior

What did you see happen? Please include relevant error messages and/or screenshots.

Our application and Mattermost are on 2 different servers. We detect that our application was DDoSed by client with user agent Go Http Client from the same IP address than Mattermost server.

We stop one by one services running on this server, and the flood only stop when we shutdown Mattermost server.

I can’t provide screenshot for the moment because we stop Mattermost until we have more details of what causing this bug.

Thanks


#2

Update!

I’ve updated our Mattermost to version 5.5.0 and did not managed to reproduced this bug.