Urgent Help Needed - Too Many Connections - Site Mostly Down

Hi! Unfortunately we are facing a really strange issue.

Suddenly since yesterday morning, cs-carts log is saying User xxx already has more than 'max_user_connections' active connections in /home/xxx/public_html/app/Tygh/Backend/Database/Mysqli.php on line 40

Our host has tried all night to resolve it without success. They even moved the entire server to a new node and still the issue remains. I believe it's not a matter of tweaking the configuration a bit - the host already tried this and why would this suddenly be needed without any spike in visitors (we could easily handle 150, now we can't handle 2).

This same setup has run without any issue at all for months and it's even showing these errors with just 1 visitor. We can't sell anything or do any work.

If there is anybody who might know something or could have a look I'd be very grateful.

Thanks!

Is it a specific user or does it happen if you access the site?

It sounds like an issue I had where anonymous bots were running random search queries.

Hi Tool, thanks for your reply.

A 6th person at my host just finally found there was an unusually high number of syn connections. She tuned the firewall and now it runs OK again.

I already blocked most bots except for the important ones.

Why someone would attack us (unless it's a competitor?!) remains a mystery to me .. or could this have been something else?

I never could figure who was responsible for the search queries. They came from proxies all over the world.

Do you know what the requests being made were?

Crazy. I don't know, I will ask my host if they can see it.

I just checked WHM's daily log and can clearly see that suddenly our carts usage went from a couple of percent to 80 in cpu and similar spikes in mysql. Before that, our wordpress blog was actually eating up more resources than cs-cart!

You would have to check the account specific visitor log.

Hmm I don't see anything strange in there. It looks totally normal.

Interesting. I guess there is nothing to log since the connection is only half open.?

Yeah could be, that's what I was thinking too.

I already blocked most bots except for the important ones.

Could you share how to do that and which one (list) to avoid things happened?

Thank you in advance.

Could you share how to do that and which one (list) to avoid things happened?

Sure, you can refuse them in your robots.txt file. Here is my robots.txt file

User-agent: *
Disallow: /app/
Disallow: /store_closed.html

Disallow: Sistrix

User-agent: sistrix
Disallow: /

Disallow: Sistrix

User-agent: SISTRIX Crawler
Disallow: /

Disallow: Sistrix

User-agent: SISTRIX
Disallow: /

Disallow: SEOkicks-Robot

User-agent: SEOkicks-Robot
Disallow: /

Disallow: jobs.de-Robot

User-agent: jobs.de-Robot
Disallow: /

Backlink Analysis

user-agent: AhrefsBot
disallow: /

Bot der Leipziger Unister Holding GmbH

user-agent: UnisterBot
disallow: /

Moz - SEO Products & Solutions for Better Search Performance

User-agent: dotbot
Disallow: /

http://www.searchmetrics.com

User-agent: SearchmetricsBot
Disallow: /

MJ12Bot | Home | from Majestic

User-agent: MJ12bot
Disallow: /

http://www.domaintools.com/webmasters/surveybot.php

User-agent: SurveyBot
Disallow: /

http://www.seodiver.com/bot

user-agent: SEOdiver
disallow: /

NobleUI - Laravel Admin Dashboard Template

User-agent: spbot
Disallow: /

http://www.wotbox.com/bot/

User-agent: wotbox
Disallow: /

DotBot - Help Hub - Moz

Link Explorer - Backlink Checker with 40T Links! - Moz

User-agent: dotbot
Disallow: /

http://www.meanpath.com/meanpathbot.html

User-agent: meanpathbot
Disallow: /

http://www.backlinktest.com/crawler.html

User-agent: BacklinkCrawler
Disallow: /

Magpie Crawler | Brandwatch

User-agent: magpie-crawler
Disallow: /

http://filterdb.iss.net/crawler/

User-agent: oBot
Disallow: /

User-agent: fr-crawler
Disallow: /

http://webmeup-crawler.com

User-agent: BLEXBot
Disallow: /

Crawler

User-agent: MegaIndex.ru
Disallow: /

User-agent: megaindex.com
Disallow: /

http://www.cloudservermarket.com

User-Agent: CloudServerMarketSpider
Disallow: /

Trendiction Bot

User-Agent: trendictionbot
Disallow: /

http://www.exalead.com

User-agent: Exabot
Disallow: /

http://www.career-x.de/bot.html

User-agent: careerbot
Disallow: /

At Dataprovider.com we structure the global web

User-agent: Lipperhey-Kaus-Australis
Disallow: /

User-agent: seoscanners.net
Disallow: /

User-agent: MetaJobBot
Disallow: /

User-agent: Spiderbot
Disallow: /

User-agent: LinkStats
Disallow: /

User-agent: JobboerseBot
Disallow: /

User-agent: ICCrawler
Disallow: /

User-agent: Plista
Disallow: /

User-agent: Domain Re-Animator Bot
Disallow: /

At Dataprovider.com we structure the global web

User-agent: Lipperhey-Kaus-Australis
Disallow: /

TurnitinBot General Information Page

User-agent: turnitinbot
Disallow: /

http://help.coccoc.com/

User-agent: coccoc
Disallow: /

ubermetrics-technologies.com

User-agent: um-IC
Disallow: /

datenbutler.de

User-agent: mindUpBot
Disallow: /

http://searchgears.de/uber-uns/crawling-faq.html

User-agent: sg-Orbiter
Disallow: /

Frequently Asked Questions – Common Crawl

User-agent: CCBot
Disallow: /

https://www.qwant.com/

User-agent: Qwantify
Disallow: /

http://linkfluence.net/

User-agent: Kraken
Disallow: /

http://www.botje.com/plukkie.htm

User-agent: plukkie
Disallow: /

https://www.safedns.com/searchbot

User-agent: SafeDNSBot
Disallow: /

Robots协议支持_360搜索使用帮助

User-agent: 360Spider
Disallow: /

Robots协议支持_360搜索使用帮助

User-agent: HaosouSpider
Disallow: /

Moz - SEO Software for Smarter Marketing

User-agent: rogerbot
Disallow: /

http://www.openhose.org/bot.html

User-agent: OpenHoseBot
Disallow: /

Screaming Frog SEO Spider Website Crawler

User-agent: Screaming Frog SEO Spider
Disallow: /

http://thumbsniper.com

User-agent: ThumbSniper
Disallow: /

Build real-time relationships with customer magic. - Salesforce.com

User-agent: R6_CommentReader
Disallow: /

User-agent: ImplisenseBot
Disallow: /

Cliqz

User-agent: Cliqzbot
Disallow: /

About aiHit

User-agent: aiHitBot
Disallow: /

Trendiction Bot

User-Agent: trendictionbot
Disallow: /

http://warebay.com/bot.html

User-agent: WBSearchBot
Disallow: /

If you're using nginx I would highly recommend to use this config. I had similar issue with many malicious bots and it worked like a charm:

https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker

Isnt the robots text ignored by the badbots ?

Sure, you can refuse them in your robots.txt file. Here is my robots.txt file

User-agent: *
Disallow: /app/
Disallow: /store_closed.html

Disallow: Sistrix

User-agent: sistrix
Disallow: /

Disallow: Sistrix

User-agent: SISTRIX Crawler
Disallow: /

Disallow: Sistrix

User-agent: SISTRIX
Disallow: /

Disallow: SEOkicks-Robot

User-agent: SEOkicks-Robot
Disallow: /

Disallow: jobs.de-Robot

User-agent: jobs.de-Robot
Disallow: /

Backlink Analysis

user-agent: AhrefsBot
disallow: /

Bot der Leipziger Unister Holding GmbH

user-agent: UnisterBot
disallow: /

Moz - SEO Products & Solutions for Better Search Performance

User-agent: dotbot
Disallow: /

http://www.searchmetrics.com

User-agent: SearchmetricsBot
Disallow: /

MJ12Bot | Home | from Majestic

User-agent: MJ12bot
Disallow: /

http://www.domaintools.com/webmasters/surveybot.php

User-agent: SurveyBot
Disallow: /

http://www.seodiver.com/bot

user-agent: SEOdiver
disallow: /

NobleUI - Laravel Admin Dashboard Template

User-agent: spbot
Disallow: /

http://www.wotbox.com/bot/

User-agent: wotbox
Disallow: /

DotBot - Help Hub - Moz

Link Explorer - Backlink Checker with 40T Links! - Moz

User-agent: dotbot
Disallow: /

http://www.meanpath.com/meanpathbot.html

User-agent: meanpathbot
Disallow: /

http://www.backlinktest.com/crawler.html

User-agent: BacklinkCrawler
Disallow: /

Magpie Crawler | Brandwatch

User-agent: magpie-crawler
Disallow: /

http://filterdb.iss.net/crawler/

User-agent: oBot
Disallow: /

User-agent: fr-crawler
Disallow: /

http://webmeup-crawler.com

User-agent: BLEXBot
Disallow: /

Crawler

User-agent: MegaIndex.ru
Disallow: /

User-agent: megaindex.com
Disallow: /

http://www.cloudservermarket.com

User-Agent: CloudServerMarketSpider
Disallow: /

Trendiction Bot

User-Agent: trendictionbot
Disallow: /

http://www.exalead.com

User-agent: Exabot
Disallow: /

http://www.career-x.de/bot.html

User-agent: careerbot
Disallow: /

At Dataprovider.com we structure the global web

User-agent: Lipperhey-Kaus-Australis
Disallow: /

User-agent: seoscanners.net
Disallow: /

User-agent: MetaJobBot
Disallow: /

User-agent: Spiderbot
Disallow: /

User-agent: LinkStats
Disallow: /

User-agent: JobboerseBot
Disallow: /

User-agent: ICCrawler
Disallow: /

User-agent: Plista
Disallow: /

User-agent: Domain Re-Animator Bot
Disallow: /

At Dataprovider.com we structure the global web

User-agent: Lipperhey-Kaus-Australis
Disallow: /

TurnitinBot General Information Page

User-agent: turnitinbot
Disallow: /

http://help.coccoc.com/

User-agent: coccoc
Disallow: /

ubermetrics-technologies.com

User-agent: um-IC
Disallow: /

datenbutler.de

User-agent: mindUpBot
Disallow: /

http://searchgears.de/uber-uns/crawling-faq.html

User-agent: sg-Orbiter
Disallow: /

Frequently Asked Questions – Common Crawl

User-agent: CCBot
Disallow: /

https://www.qwant.com/

User-agent: Qwantify
Disallow: /

http://linkfluence.net/

User-agent: Kraken
Disallow: /

http://www.botje.com/plukkie.htm

User-agent: plukkie
Disallow: /

https://www.safedns.com/searchbot

User-agent: SafeDNSBot
Disallow: /

Robots协议支持_360搜索使用帮助

User-agent: 360Spider
Disallow: /

Robots协议支持_360搜索使用帮助

User-agent: HaosouSpider
Disallow: /

Moz - SEO Software for Smarter Marketing

User-agent: rogerbot
Disallow: /

http://www.openhose.org/bot.html

User-agent: OpenHoseBot
Disallow: /

Screaming Frog SEO Spider Website Crawler

User-agent: Screaming Frog SEO Spider
Disallow: /

http://thumbsniper.com

User-agent: ThumbSniper
Disallow: /

Build real-time relationships with customer magic. - Salesforce.com

User-agent: R6_CommentReader
Disallow: /

User-agent: ImplisenseBot
Disallow: /

Cliqz

User-agent: Cliqzbot
Disallow: /

About aiHit

User-agent: aiHitBot
Disallow: /

Trendiction Bot

User-Agent: trendictionbot
Disallow: /

http://warebay.com/bot.html

User-agent: WBSearchBot
Disallow: /

Thank you.

Isnt the robots text ignored by the badbots ?

Maybe by the very bad bots, but the unneccesary bots seem to respect the robots.txt

Hello.

A better solution is to block robots in the .htaccess file.

Best regards

Robert.

Hello.

A better solution is to block robots in the .htaccess file.

Best regards

Robert.

Agree with this