An unexpected database error occurred. Please try again later.

CoinBit

Member
Hi. I upgraded the Xenforo from 2.2 to 2.3 and it's giving me this error.

An unexpected database error occurred. Please try again later.

upon checking the source code it says

<!-- User &#039;u811976095_maghrib_pk1607&#039; has exceeded the &#039;max_user_connections&#039; resource (current value: 100) -->

The website works sometimes and then down again. I was out and it stopped working again and haven't come online since 2 hours. The upgraded is very buggy as it destroyed all my skins and probably playing with the add-ons. I have changed the default skin to Xenforo's original and turned off most of the add-ons and was hopefully it is fixed. Any advice will be helpful.

I also checked for years my resources used at the host were not exceeding 8-10% but now suddenly its throwing errors like the following.

Thank you


Resources Usage _ Hostinger.webp
 
You'd need to identify what's initiating 100 concurrent connections. If it's stemming from a huge volume of requests, then it's likely a DDoS. If you just enabled Cloudflare, ensure your IP address has been rotated. If it has, you should make sure the new IP address isn't leaking (configure an HTTP proxy, use an email service that does not include the origin IP in the headers, etc.).
 
Didn’t do anything like that

I think it is too many guests on my board despite the board being off for guests

That is what @AndyB access log shows
if you are sure there is no running tasks (you can check xf_job table, and see things unusual other than XF:UpgradeCheck), then must be caused by visitors (whether real human, or bots).

If i check those IP addresses, they seem from a datacenter, meaning big possibility they are bots.

You can block them on cloudflare (if you use cloudflare), in your server firewall (if you have access to), or in your htaccess.
 
if you are sure there is no running tasks (you can check xf_job table, and see things unusual other than XF:UpgradeCheck), then must be caused by visitors (whether real human, or bots).

If i check those IP addresses, they seem from a datacenter, meaning big possibility they are bots.

You can block them on cloudflare (if you use cloudflare), in your server firewall (if you have access to), or in your htaccess.
It is clearly a DDOS attack and nothing else.

It shows there were 54 million requests made to the domain in last 7 days. The cloudflare has been helping a lot and reduced the requests to less than 200k. But still there are requests slowing everything down.

It's effectively fighting against the bots but I am still getting some bots on the website leading to the website slowing down or down from time to time
 
turn on i am under attack option. that should provide you some breathing room while deciding how to tackle this long term.

cloudflare also has extensive bad bot blocking options.

47.238.x.x and 8.218.x.x series appears to be alibaba. if china is not a market you cater to, it might be worth considering blocking all traffic from china.
125.99.x.x is from india... again if india is not a target market, you could consider blocking or rate limiting traffic from indian ips.
 
turn on i am under attack option. that should provide you some breathing room while deciding how to tackle this long term.

cloudflare also has extensive bad bot blocking options.

47.238.x.x and 8.218.x.x series appears to be alibaba. if china is not a market you cater to, it might be worth considering blocking all traffic from china.
125.99.x.x is from india... again if india is not a target market, you could consider blocking or rate limiting traffic from indian ips.
Unfortunately I have visitors from USA, UK. India, China, Russia, Pakistan, Middle East and Australia. So it is difficult to completely block the country however I am temporarily blocked Hong Kong, raised security levels for USA and Russia and it seems to be controlling most bots.

what would be the best settings for rate limiting as i am trying to figure out but I haven't been able to set anything so far

If possible I would appreciate a screenshot to follow
 
it seems that you can set i'm under attack for specific ip ranges. maybe that could help.


also important is as mentioned in a post above, you need to make sure your ip isn't leaking. if your ip is being attacked, cloudflare wouldn't be able to do anything.

also consider using @digitalpoint cloudflare addon and turn on guest caching. it might take a lot of guest/bot load from your board!
 
I must extend my heartfelt thanks to @Jeremy P and @AndyB for all the efforts they have made to save my website.

I am highly impressed with the knowledge of both, but Jeremy is a superhuman in this field. He knew the answer to every question and resolved my 300-word long posts in just 30 seconds of work. I must thank him again for the patience he showed after I sent him long posts in private messages.

I apologise for any inconvenience this may have caused you. It seems like my issue is finally resolved as everything seems to be working fine and 100% of the bots are now being tackled by Cloudflare.

Cloudflare is a blessing in disguise as it wouldn't have been possible without it.

Thank you @Old Nick @HappyWorld @Chromaniac and everyone else who helped me in this thread.
 
the end book GIF by funk
 
Well here you go,

The DDoS is notending. Another attack and the site is down again. Received about 3.7 million domain requests between 9am to 10am. Cloudflare shows it had a bandwidth of about 37gb. Seems like everytime I change my assigned IP address, the attacker finds out the new IP and diverts the attack on new address despite the fact that my IP is proxied from cloudflare. But it must be leaing from somewhere I reckon?

I am wondering what is the average cost of DDoS attack if someone is so desperate to down my website with about 60 million domain requests in 8 days
 

Does have option to hide origin url from unfurl and proxy images. I would suggest trying this addon. Use the guest page cache option with long cache. And of course hide origin url.
It's already there and @Jeremy_P did the settings so I am guessing it must be correct. I have a feeling that the cloudflare is protecting the site right now but the site is down because of the host at the moment. That is because I see cloudflare received 3.7 million requests but the data on my hosting shows only 500 requests. So I am guessing it's filtering out - or maybe cloudflare is blocking again --- as I have got 5 WAF rules + 1 limiting rule to say that block the access if a certain number of requests made from the same IP within a certain timeframe.
 
Well here you go,

The DDoS is notending. Another attack and the site is down again. Received about 3.7 million domain requests between 9am to 10am. Cloudflare shows it had a bandwidth of about 37gb. Seems like everytime I change my assigned IP address, the attacker finds out the new IP and diverts the attack on new address despite the fact that my IP is proxied from cloudflare. But it must be leaing from somewhere I reckon?

I am wondering what is the average cost of DDoS attack if someone is so desperate to down my website with about 60 million domain requests in 8 days

They put the biggest Ddos in my ass. What happened? The 8-year-old baby community is still standing.
 
They put the biggest Ddos in my ass. What happened? The 8-year-old baby community is still standing.
I learned new ways to handle it and the DDoS is no longer a threat to me. The biggest attack, I noticed was when he injected 20 million domain requests within 60-90 minutes and 170gb of bandwidth. But the website remained lightning-fast without any effect. Despite the severe attack, I felt it had 0% impact on the site and would easily handle it even if the attack was 300% bigger.

Sorry, can't reveal it in public to protect the safety of my site.
 
Back
Top Bottom