Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Account was suspended due to a high amount of resource usage being consumed from vanilla forum.

edited September 2012 in Vanilla 2.0 - 2.8

So, I run a site that gets a decent amount of traffic and my host suspended my account today.

1st I got this:

Your account was actually suspended due to a high amount of resource usage being consumed over a short period of time. Upon taking a closer look at your site, it appears that you are experiencing a decent amount of traffic [ 120,332 hits since yesterday ], sometimes up to almost 10,000 hits in an hour.

Despite the fact that you do have a caching solution implemented and it seems to be configured correctly, this amount of traffic is definitely outside the realm of shared hosting for a Wordpress site [ not just for us, but any shared hosting provider ].

Then after asking what would be causing this spike, they responded with:

Thank you for getting back to us.

This doesn't appear to be a DDOS, as a majority of the hits are POST requests to the following page:
http://atpr.me/forum/dashboard/notifications/inform
This looks to be a notification system for new posts in replies to existing posts made by the user that's making the recorded hit, or something similar. Unfortunately, POST requests tend to be more resource intensive on the server than GET requests, as GET requests can be cached. There is no way to predict what the POST requests will contain, so they cannot be cached. As it stands, totalcache is having no effect on these requests, and as they are the most prevalent, it means totalcache is having very little effect at all. I'm not personally familiar with Vanilla Forum, but you may want to see if these notifications can be disabled. As an alternative, something like PHPBB might be considered. It was built from the ground up to be a forum application.

So, what should I do?

Comments

  • mcu_hqmcu_hq yippie ki-yay ✭✭✭

    Sounds like you have a very informative host that cares about their customers with that analysis.

    See here: http://vanillaforums.org/discussion/20661

    You should either eliminate all notifications or make the javascript (I think in global.js) perform a POST only once in a while (depends on your load).

  • AoleeAolee Hobbyist & Coder ✭✭

    yes try reducing the frequency of the function doing the ajax request. also had experienced when i was in shared host. but i opted to get a vps instead.

  • Thanks guys. My host had mentioned possibly moving me to a vps, which I'm not opposed to. It would be nice if I could remove those basic notifications (user x commented on your post xxx) but I'll try reducing the notification time to like 20 mins or something. I don't see a need to have urgent urgent forum notifications when the users aren't getting emailed when that happens.

  • My host says that my change hasn't really changed.

    I am still seeing a large number of POST requests to /forum/dashboard/notifications/inform. Your usage overall this last hour appears to be following the trend of the other previous hours.

    Not sure what I should do now though.

  • I don't know what you have change but this is a client side script meaning it could be browser cached.

    So if they keep their browser open it will continue to poll, they will not have the new script in effect.

    I'm not necessarily discrediting the guy, but "resource" is a vague term, there is many reasons behind resource usage. even if it is polling a lot, it is also to do with all those request added up which may being inefficient in itself.

    The guy is going to make his best guess, based on his logs, he is not going to spend hours looking into it.

    I remember once a client getting back to me a host tech had mention a totally redundant section of the site, that hadn’t had activity in months. It turned out he had got his log upside down and he had mention the leasts requested thing. On cheap host the people doing the tech don't have the know how to setup and deploy the server, they are doing a tech support job, which is largely scripted FAQ.

    grep is your friend.

Sign In or Register to comment.