Is my forum on the right VPS?

[Jeffin]

Hi, I am wondering whether my forum VPS hosting has the right specs. In the past few months, my forum has been frequently hit by spam registrations and so much that the site goes down for a few minutes and sometimes hours. My forum has only about 7.5k members and usually less than 10 online members, around 100 guests and 20 robots at a given time. I know it's the spam bots that slow my site because usually after a downtime, I get a lot of spam registration awaiting my approval.

I have StopForumSpam, Project Honey Pot, CAPTCHA , Manual Approval enabled and registration timer set to 40 seconds.

My VPS server has the following specs:
60 GB Storage, 1 TB Monthly Transfer, 768 MB Guaranteed RAM, 1.5 GB Burst RAM, Hardware RAID 10 and is hosted by ServInt (their support is awesome by the way). The plan is called Essential VPS and costs me about $50/month.

Just yesterday they temporarily upgraded me after a downtime to see if my forum would do better on a higher plan and the site did do much better on their higher Signature VPS plan.

My question is: For a forum of my size isn't the current Essential VPS plan way too much? Or do I really need to upgrade?

Need some expert opinions please. I have also attached a Google Analytics report with this post. Thanks for your help.

 

[Moshe1010]

With these analytics, I would say that you don't really need VPS and you will be better on a good shared hosting plan (Which ServINT doesn't offer).
On a shared hosting you can use much more RAM and CPU than on ServINT, and your website isn't big enough in order to really NEED VPS server.
For the Spam problem, just install KeyCaptcha and your spam would go to zero without the need for manual approval or annoying CAPTCHA:
http://xenforo.com/community/resources/keycaptcha-interactive-captcha.987/

You can also block spam countries like China/Ukraine if you don't have traffic from these areas.

 

[Jeffin]

Thanks Moshe. So shared hosting is better for me. Any recommendations?

Servint guys told me that the issue looks to be caused by repeated apache requests per second from different IPs accessing this site and that the server load is almost 200. What does that mean? Are they spam bots or DDos attack?

 

[Jesepi]

Are you only running xenforo on that site? You should be able to host a pretty busy community on the base ServInt plan. Have they enabled an opcode cache for you? Ask them to do that, and also turn on CSF if it isn't enabled. If they can see if the IPs are coming from a particular country, blocking that country might be an option if you don't care about that country visiting your site. In the case of one of my forums, blocking china stopped over 90% of my spam issues and my legitimate traffic didn't change, as the majority of my users are United States, UK, and Australia.

 

[Jeffin]

I just asked them to upgrade it asap. I couldn't bear to see me forum down. I have never been severely hit by spam until recently.

Other than the inbuilt spam prevention system in Xenforo and CSF, what else can be done by the hosting company to secure the server? Is there already a thread about this here?

 

[Jeffin]

My host said this now:

Since the site was suspended, we see the following in the logs:

GET /cgi-sys/suspendedpage.cgi?u=xxxxxxxxx

from different IPs. I'm guessing this particular username's password has been breached. Is there a way for you to ban that user in the database directly? We can then unsuspend the site and see if the loads remain normal.

-----------

Is there a way to ban that user in the database?

 

[TPerry]

Is there a way to ban that user in the database?

Are you referring to a forum user?
Do you have phpMyAdmin installed? If so, you should be able to go to the xf_user table and select the user and then at is_banned change the 0 to a 1.

 

[Jesepi]

I'm not sure how that would do anything - couldn't they just sign up as another user? What exactly are they doing that is killing performance?

 

[Moshe1010]

Thanks Moshe. So shared hosting is better for me. Any recommendations?

Servint guys told me that the issue looks to be caused by repeated apache requests per second from different IPs accessing this site and that the server load is almost 200. What does that mean? Are they spam bots or DDos attack?

@Mike Edge is well known here for a shared hosting plans. Take a look at xfhost.net for additional information. It basically depends where most of your traffic comes from.

 

[Floren]

My VPS server has the following specs:
60 GB Storage, 1 TB Monthly Transfer, 768 MB Guaranteed RAM, 1.5 GB Burst RAM, Hardware RAID 10 and is hosted by ServInt (their support is awesome by the way). The plan is called Essential VPS and costs me about $50/month.

Why you don't get an OVH dedicated server, for the same price?
They are selling out like hotcakes... If you know what you are doing, you can set the server from scratch with a clean minimal install. Not to mention the OVH specs will blow your current ones.

 

[WSWD]

Not really sure why everyone is recommending a new provider, when it likely isn't the provider's fault to begin with. Jumping from provider to provider isn't going to solve the actual problem.

If the server load is almost 200, something is going very wrong with your site. Not sure if it's spam registrations or a DDoS attack or what it is, but before you do anything, you need to figure that out. There is clearly something hitting your site ridiculously hard if it's maxing out the Apache requests. Changing providers is NOT going to fix that.

Why not get a OVH dedicated server? Because it's unmanaged, they are renowned for their crappy network and horrendous support. That would be my first reason not to. Secondly, OVH is running out of money, because they don't know how to run a business. Their turnover is so high, that they are left with old equipment that nobody wants and that they can't sell. They put a complete hold on new orders to figure out how the heck to stay out of bankruptcy.

Jeffin, Servint is a fully-managed provider, and you're paying fully-managed prices. Ask them to look into it a little deeper for you.

 

[Moshe1010]

Not really sure why everyone is recommending a new provider, when it likely isn't the provider's fault to begin with. Jumping from provider to provider isn't going to solve the actual problem.

If the server load is almost 200, something is going very wrong with your site. Not sure if it's spam registrations or a DDoS attack or what it is, but before you do anything, you need to figure that out. There is clearly something hitting your site ridiculously hard if it's maxing out the Apache requests. Changing providers is NOT going to fix that.

Why not get a OVH dedicated server? Because it's unmanaged, they are renowned for their crappy network and horrendous support. That would be my first reason not to. Secondly, OVH is running out of money, because they don't know how to run a business. Their turnover is so high, that they are left with old equipment that nobody wants and that they can't sell. They put a complete hold on new orders to figure out how the heck to stay out of bankruptcy.

Jeffin, Servint is a fully-managed provider, and you're paying fully-managed prices. Ask them to look into it a little deeper for you.

My recommendation was based on his website's size. He's currently overpaying for the specs he could get somewhere else.

 

[WSWD]

My recommendation was based on his website's size. He's currently overpaying for the specs he could get somewhere else.

Sure, if you all you want to compare is prices and specs, he could most definitely get better prices elsewhere. Heck, he could get that VPS for under $3/mo. from some providers. Might as well get the $5/mo. OVH dedicated server special.

That's what happens way too often in this industry. There are WAY more things to take into account that price vs. specs. He has a good VPS, management services, and a cPanel license for $49/mo. That's a pretty good price, if you ask me.

Looking back at the OP's post, and at Servint's website, if you are running cPanel Jeffin, which I assume you are since it's included for free, that's part of your problem. cPanel is going to eat up that 768mb worth of RAM (and other resources) like it's nothing, which is a partial explanation for why the upgrade helped. You failed to mention in your original post if you were running cPanel or not. Get rid of cPanel and you will notice a huge overall improvement. cPanel's recommendation is 1GB of RAM, and that's always my low-end recommendation as well. I've seen cPanel run on 512mb of RAM, and 768mb of RAM, and it's usually not pretty.

Contrary to what others here might say, that actually is a fairly large forum for your current VPS specs, considering that cPanel is going to be using the majority of resources for itself.

Still need to fix the DDoS/registration issue too. That's not helping matters.

 

[Moshe1010]

Sure, if you all you want to compare is prices and specs, he could most definitely get better prices elsewhere. Heck, he could get that VPS for under $3/mo. from some providers. Might as well get the $5/mo. OVH dedicated server special.

That's what happens way too often in this industry. There are WAY more things to take into account that price vs. specs. He has a good VPS, management services, and a cPanel license for $49/mo. That's a pretty good price, if you ask me.

Looking back at the OP's post, and at Servint's website, if you are running cPanel Jeffin, which I assume you are since it's included for free, that's part of your problem. cPanel is going to eat up that 768mb worth of RAM (and other resources) like it's nothing, which is a partial explanation for why the upgrade helped. You failed to mention in your original post if you were running cPanel or not. Get rid of cPanel and you will notice a huge overall improvement. cPanel's recommendation is 1GB of RAM, and that's always my low-end recommendation as well. I've seen cPanel run on 512mb of RAM, and 768mb of RAM, and it's usually not pretty.

Contrary to what others here might say, that actually is a fairly large forum for your current VPS specs, considering that cPanel is going to be using the majority of resources for itself.

Still need to fix the DDoS/registration issue too. That's not helping matters.

You can find many things, but ServINT isn't the only company in the world with good support. He can get shared hosting, with cPanel, not thinking about RAM/CPU usage, at a different provider for half if not third of the price he's paying right now (and also get the same support or even better support). From my experience with ServINT, if it's anything that they don't like - they don't support. For example forget support for xCache, Litespeed and such. These are important things to consider. In addition, too many people involved there at the same support ticket and sometimes there is lack of understanding/difficulty to communicate with them. This is my experience anyway. Paying $89/month for a website it's just insane.

 

[WSWD]

Paying $89/month for a website it's just insane.

Like I said, there is more to it than price vs. specs. I have dedicated server clients paying me $1000+ a month. You'd call it insane; they call it peace of mind.

 

[Moshe1010]

Like I said, there is more to it than price vs. specs. I have dedicated server clients paying me $1000+ a month. You'd call it insane; they call it peace of mind.

You can get peace of mind at many other places. You just need to shop around, and it looks like OP doesn't mind to do that.
And yes, paying $1000/month for a dedi is just plain stupid. It's better buying the server and paying you just for support if that's the case–but people do there own math I guess.

 

[WSWD]

And yes, paying $1000/month for a dedi is just plain stupid. It's better buying the server and paying you just for support if that's the case–but people do there own math I guess.

They understand that every minute of downtime could cost them literally thousands of dollars worth of sales. They like the fact that we give them their own direct phone number which is answered by the 2nd ring, and that we actually have a physical office they can come into if they need to. Like I said, they're paying for peace of mind.

You might have had a bad time with Servint, but if the OP has had a good experience, perhaps 100% uptime until now, etc., then it's well worth the $49/mo. that he has been paying. Like I said, it's WAY more than price vs. specs. and unfortunately, it just seems some people can't get over that. Those are the same folks who jump around from budget provider to budget provider and wonder why they have downtime, etc. Oh well.

And as I mentioned, switching providers is NOT going to change the fact that the OP's apache is being bombarded with requests. That's something that needs to be fixed regardless of where he goes, and right now, the place to fix it is on his current VPS, so he can actually get the forum back to a usable state for his users. He is losing "business" every minute his forum is in the current state.

Let's try to help him get things sorted out.

 

[Carlos]

If I were you, I'd gone through the list of members via admin cp and start deleting members that you think is suspicious. And discouraging those IP's before deleting, too. I think the problem here is that the IP's are hitting your server, thinks that you are "too easy" to bypass. You need to take a stance against spam. You need a good CAPTCHA system in the frontline (when you register), and you need a spam prevention system - at least two layers.

My site was hit with constant spam until I caught on it. Then after that, I was very meticulous about spam that every time google or another bot looks at a profile, I go, log in and delete. Or ban, whatever's appropriate for the situation. My server would go down either when spammers starts trying to jump on the bottleneck of the server, or when it's a busy day.

My first stop would be the culprit of this entire situation: Find the IP in the ACP, discourage, and then choose either one: Ban the account, or delete the account. 50% of the time spammers hit your site is because the bots are "listening" to your spam noise. I learned this the hard way after the spam attack in August 2012.

 

[Jeffin]

It's spam issue. My site went up for a few hours and now I have 96 registrations awaiting approval and almost all are spam. Do spam target sites specifically? Why would it be my forum?

 

[TPerry]

It's spam issue. My site went up for a few hours and now I have 96 registrations awaiting approval and almost all are spam. Do spam target sites specifically? Why would it be my forum?

If you aren't already using it, I suggest trying @tenants free version of his spam prevention suite (FoolBotHoneyPot, his imgcaptcha, AnyApi and StopHumanSpam primarily). It stops a all the spam registration attempts at the front door on my sites.