-
-
Notifications
You must be signed in to change notification settings - Fork 214
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Question]: huge table e107_session #5262
Comments
Hi, it was discussed on gitter some time ago. A session record is created for boots too. I reported it. Not sure if an issue was created. it is around Thu, May 11, 2023 , you can look for word sessions. Although there currently isn't a way to clean up guest sessions sooner, you could create a cron job script like this:
(I haven't tested it myself, but it should delete guest sessions older than 1 hour.) |
I have blocked them in .htaccess !
I don't see them anymore in the admin panel and the number of entries in the table seems to decrease ... but it's only 10mins ago so it will take time |
@ericc-dream You'll have a lot of IP's to block, that's just a very very very small tip of the iceberg.... I've used some third party software to block those bots right from the start, and i'll try to use it again when i got my site back up and running, because i had the same issue that you have, and my db just was groing everyday... For me, that software was the best and easiest approach |
@rica-carv I will add badbehaviour script for other cms they are very satisfied with it too. The topic above (at least part of it) was about the life of the quest session - I complained about this a long time ago. They should be deleted after an hour by core, Or you can set the session lifetime to an hour and you will not have this issue. |
So I don't really mind about bots ... at the end, they can help to have some traffic But if you can share the name of the "third party software" that you used ... in case of need ? |
@ericc-dream CIDRAM |
The SFS plugin is used on registrations (or on already existing accounts) to check against the stopforumspam database. If a match is found, the registration is denied. It does not block visitors/guests (bots or not), so it will not help solve this issue. Sessions will still be created. |
And expanding the .htaccess file, this line is to block bad bots? Block Bad Bots
|
You'll never get all bots blocked by using htaccess as you're always one step behind. It has become an entire business model to sell packages of IP ranges for bots to use, or for individuals to buy to then block those same IP addresses. Additionally, using htaccess to block bots strains server performance and affects loading times. The solution to this issue is not blocking but implementing proper session handling and cleanup. Please refrain from further comments on blocking bots in this issue report. @Deltik do you have some enhancements planned for session handling? |
To give an update I'm agree with @Moc , we can't win at this game. htaccess was a solution done in urgency to block a too aggressive bot, but not a definitive one. Is there a way to change this session time from the admin pages ? And for my personal knowledge : What will be the consequence for a non-logged person if the session time is like 2min by example ? |
The method e_user_model::isBot() could help with this. |
Question
Hi
I have a question.
I'm moving my site to some different hosting and I noted something "annoying"
When I exported my database from the server of my old hosting, it had a size of around 8Mb give or take
I restored everything less than 1 week ago, and today I tried to export it again , and the size is now 25Mb !!! more than 3 times ...
more specifically the table e107_session is now more than 17Mb alone !
I had 6 rows inside, I have now 17334 ... and 17333 have "session_user = 0"
I wonder, do you store the session ID for every visitor of the site in this table ?
it's a little bit too much ... taking into account that I have only 2 users on my site, including myself
How can I limit, reduce that ?
I see a lot of bots hitting my site and crawling in the forum, mainly from "semrush"
I guess that they are the reason of the explosion of my database
Do I have a simple way to block this bot(s) ?
In a more general question :
When I export my database , is there some tables that I can exclude ?
If a table doesn't exist, is the code able to recreate it ?
(I can export the "CREATE" but not the content eventually)
Expected Source
I checked the content of the current DB with the previous export
Additional Context
No response
The text was updated successfully, but these errors were encountered: