[TAC] Bot Arrestor

[TAC] Bot Arrestor [Paid] 2.0.12

No permission to buy ($19.00)
Overview Updates (22) Reviews (1) History Discussion
I got hundreds of these today:

Zend_Db_Statement_Mysqli_Exception: Mysqli statement execute error : Lock wait timeout exceeded; try restarting transaction - library/Zend/Db/Statement/Mysqli.php:214
Generated By: Unknown Account, 52 minutes ago
Stack Trace
#0 /library/Zend/Db/Statement.php(297): Zend_Db_Statement_Mysqli->_execute(Array)
#1 /library/Zend/Db/Adapter/Abstract.php(479): Zend_Db_Statement->execute(Array)
#2 /library/XenForo/Model/DataRegistry.php(164): Zend_Db_Adapter_Abstract->query('\n\t\t\tINSERT INTO...', Array)
#3 /library/XenForo/Application.php(950): XenForo_Model_DataRegistry->set('simpleCache', Array)
#4 /library/Tac/DeDos/Model/DeDosCache.php(1231): XenForo_Application::setSimpleCacheData('dd_known_dos', Array)
#5 /library/Tac/DeDos/Model/DeDosCache.php(47): Tac_DeDos_Model_DeDosCache->removeOldDDKnownDos(Array, true)
#6 /library/Tac/DeDos/Listener.php(126): Tac_DeDos_Model_DeDosCache->checkGlobalCacheForKnownDos()
#7 /library/XenForo/CodeEvent.php(90): Tac_DeDos_Listener::init_dependencies(Object(XenForo_Dependencies_Public), Array)
#8 /library/XenForo/Dependencies/Abstract.php(215): XenForo_CodeEvent::fire('init_dependenci...', Array)
#9 /library/XenForo/FrontController.php(127): XenForo_Dependencies_Abstract->preLoadData()
#10 /index.php(13): XenForo_FrontController->run()
#11 {main}
Request State
array(3) {
["url"] => string(42) "https://forum.com/dedos/js-detection"
["_GET"] => array(0) {
}
["_POST"] => array(4) {
["uuid"] => string(18) "f5dd95a9d9ad10f9f3"
["_xfRequestUri"] => string(58) "/threads/ 298684/"
["_xfNoRedirect"] => string(1) "1"
["_xfResponseType"] => string(4) "json"
}
}
 
Actually it happened before. Here is some more information from @pegasus the developer of Vaultwiki:
Pegasus said:
Since you started posting major problems similar to this around September (you had reported similar issues after 4.0.19 and 4.0.20 as well), and Bot Arrestor appears to have been installed in mid-July, I have looked into that add-on a little more closely. In my opinion, Bot Arrestor attempts to update xf_data_registry way too frequently:

I could be mistaken, because I have only just seen the code now and have never used this add-on before but...
It appears that for every request (or a large subset of requests), Bot Arrestor will log the user's IP and other browsing information in order to track that IP activity against its threshold to decide whether the user is performing too many requests and possible DOS.
For each metric it tracks, it stores all IP activity (I mean for all IPs of all visitors together) in a single xf_data_registry entry. It compares this entry on every request (or again, in a seemingly large number of requests), and updates the entry on every request. When you have a lot of users online at once, this can cause a major bottleneck, because they are all attempting to read and write the exact same row at the same time. This is a deadlock situation.
Bot Arrestor does not need to be designed this way. From the code comments, it might be that the add-on is trying to save queries. But if it needs new information that is not already tracked by XenForo's standard IP log, it can either extend the existing log or extend the session table. In this way, it will only ever need to compare/update 1 row at a time, and probably never have a deadlock.

I would try disabling Bot Arrestor to see how much, if any, improvement there is, especially over time and during peak hours. Even if it was not the cause of the issue, I would still strongly recommend the coder redesign the storage method of its tracking data.

VaultWiki and other add-ons also use xf_data_registry, and although you may occasionally have a bottleneck due to that, I doubt any of the situations come close to the Bot Arrestor situation, because most add-ons update xf_data_registry infrequently in comparison.
Click to expand...
https://www.vaultwiki.org/issues/5369/

After disabling bot arrestor load went down again and the site is running smooth with equal amount of visitors now.
 
Last edited:
My site loads a massive amount of bytes from SimpleCache for every page load. This is caused by a number of addons. FBHP & DeDos use the following:
["fbhp_bot_ips"]=> int(1857)
["dd_css"]=> int(2581)
["fbhpSuspiciousHosts"]=> int(1356)

This is quite high. Could you please see if this can be reduced by moving it out of simplecache to preLoadData?
 
I'll do whatever's the best practice (this is one of those I'll likely port to XF2 so it's basically prep). But these add-ons are as remote from any concept of "maintainable" as you can imagine, so it won't be brisk.
 
I have disabled bot arrester due to the above. But none the less its still active. In my error log I find thousands of these:
Code: 
[Fri May 04 00:10:50.804577 2018] [access_compat:error] [pid 30679] [client xxx:39681] AH01797: client denied by server configuration: /dedos/js-detection, referer: /threads/101134/
 
Alfa1 said:
I have disabled bot arrester due to the above. But none the less its still active. In my error log I find thousands of these:
Code: 
[Fri May 04 00:10:50.804577 2018] [access_compat:error] [pid 30679] [client xxx:39681] AH01797: client denied by server configuration: /dedos/js-detection, referer: /threads/101134/
Click to expand...
Could be due to caching, is it still happening?
 
This resource has been removed and is no longer available. The following reason was provided:
This resource has been deleted by XenForo Ltd. in line with our resource housekeeping criteria.
Click to expand...
 
You must log in or register to reply here.

Similar threads

Yugensoft
Add-on Offer: Sale of IP Rights of All Addons
Replies
10
Views
2K
ssj2_ssbm
ssj2_ssbm
tenants
Spambots attempting to register by facebook
Replies
1
Views
653
RandallC
RandallC
DRE
KnownHost Server Configuration?
8 9 10
Replies
183
Views
21K
craigiri
craigiri
Top Bottom