XF 2.2 Too many Guests

E

emaw

Active member
Hi all, happy 2025!

Our forum is small and never has over 20 registered users logged in, but recently it's been getting stuck due to 3000+ "Guests"/unregistered visitors arriving at the same time, which eventually triggers this error:
  • MySQL query error [1114]: The table 'xf_session_activity' is full
and the forum content becomes unavailable and displays a standard message on the front end about a problem generating content. Then it seems to resolve itself and the content comes back up, but this is happening more and more often - a few times a day now. I suspect content scrapers for AI but 🤷‍♀️ i just really want the forum to be stable again.

I've set the forum not to display to unregistered users, but that makes no difference

I've checked access logs - user agents and IP addresses are not showing any obvious (to me anyway) culprits whose IP I could block

I've looked up the database error and found various obscure suggestions but i hope there may be a better way to sort this out than fiddling with the database?

Any suggestions would be very much appreciates, thanks in advance
 
Sort by date Sort by votes
MySiteGuy said:
will not fix the underlying issue with too many bots.
Click to expand...

I too have been getting hammered with what I'm assuming is content scraping for AI training coming through thousands of residential proxies spread around the world. I've found it very difficult to block these, and while this probably isn't the best solution by any means, I'm now using this Cloudflare security rule to force an interactive challenge for everyone other than:

1. People in a couple of specific countries relevant to my user base, and
2. All verified - BUT NOT FKIN AI - bots

So far so good - once enabled, my guest count dropped from 1,900 guests to 61. "Real people" should should still be able to click through the challenge. Obviously anything being proxied through the whitelisted countries will still get through, but it'll do for now.



1753125480523.webp
 
Last edited:
Upvote 1 Downvote
emaw said:
I'm hoping this might be fixable without resorting to cloudflare, for various reasons i'd prefer not to use it.

Someone suggested adjusting a regular cron job to empty out that table more often https://xenforo.com/community/threads/the-table-xf_session_activity-is-full.228324/post-1750329 , that sounds like it might do the trick, but seems not to be possible in the admincp :(

I'd really appreciate to get this sorted out - it's a critical issue for our forum
Click to expand...

reporting back:

the fix was to update the linux software and database :)
 
Upvote 0 Downvote
emaw said:
I'm hoping this might be fixable without resorting to cloudflare, for various reasons i'd prefer not to use it.

Someone suggested adjusting a regular cron job to empty out that table more often https://xenforo.com/community/threads/the-table-xf_session_activity-is-full.228324/post-1750329 , that sounds like it might do the trick, but seems not to be possible in the admincp :(

I'd really appreciate to get this sorted out - it's a critical issue for our forum
Click to expand...

In 2025 it is unthinkable to have an active hole and not to use cloudflare that, among other things, in the free version it goes more than good!
 
Upvote 0 Downvote
lucien_lies said:
I was hit by a swarm of bots from Singapore , I had to put under attack mode in cloudflare because my server couldn't handle so many connections, a +900% increase in hours
Click to expand...
Haha, I just had that Singaporean swarm on me for days. 1,200 visitors concurrently. 100's of IP's.
 
Last edited:
Upvote 0 Downvote
beerForo said:
Is there a guide on how to implement cloudflare for this issue?
Click to expand...
  1. Send all your traffic through CloudFlare (toggle to the "orange cloud" in your CF DNS settings)
  2. Lockdown ports 80 and 443 on your server to ONLY accept the IPv4 ranges of CloudFlare
    • Drop all other packets on your server at the firewall if they're not a CF IPv4
  3. Add a rule in CloudFlare security (assuming its Singapore for instance)
    • (ip.geoip.asnum in {16509 45102 136907} and not cf.client.bot)
Instead of the ASN's you could just do the wider country of "SG", but everything I read says Huawei, Amazon and Alibaba are the worst offenders. My attack was from Alibaba; but I did the other two as a preventative measure.

Once setup, adding the rule instantly stopped 1200 concurrent users; had a few hundred thousand block reports the first day, and within 3 days they're down to just 18,000 today; but #1 above stopped most; and if/when they hit my server IP directly the packets are dropped instantly because of #2 above (I have a mail server so they did get my IP through the MX record).

* above works with the free version of cloudflare *
 
Last edited:
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

Liam C.
Too many connections - bots?
Replies
1
Views
87
Sim
Sim
R
  • Question Question
XF 2.3 XF\Db\Exception: Too many connections
Replies
6
Views
155
RenegadeMonster
R
Levina
  • Question Question
XF 2.3 Strange guests...
Replies
1
Views
65
Levina
Levina
Tom McIntyre
  • Question Question
XF 2.2 too many usergroups?
Replies
8
Views
115
MentaL
MentaL
S
Add-on Looking for the best addon to show partial thread content to guests
Replies
7
Views
113
RoyalRumble
R
Back
Top Bottom