Announcement

Collapse
No announcement yet.

PHP Warning

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Wayne Luke
    replied
    Originally posted by blacksurfer

    Yes, thanks I'm on the free Cloudflare account and everything seems to be fine. I moderate all news member before they can post. My forum, along with many others, have gotten really small. People seem to have moved to social media and not using forums anymore, so I don't want to upgrade to continue to beat a dead horse. The spam emails have also ceased. Thanks to all for your help.
    This is really a different topic and it can probably have books written about it. However, if you provide generally available information on your site or it is just a chat site, then Social Media will win. Especially if users cannot access your site on a mobile device these days. The types of forums that generate traffic these days have information specific to a topic and staff that are actively providing content pertaining to the topic. Mobile Device access is a big plus as well. Many people aren't using desktop and laptops to access the web anymore. A growing amount of the world population doesn't even own computers, even in industrialized nations.

    Leave a comment:


  • In Omnibus
    replied
    Originally posted by blacksurfer

    Yes, thanks I'm on the free Cloudflare account and everything seems to be fine. I moderate all news member before they can post. My forum, along with many others, have gotten really small. People seem to have moved to social media and not using forums anymore, so I don't want to upgrade to continue to beat a dead horse. The spam emails have also ceased. Thanks to all for your help.
    There's not much we can do if people are stupid enough to give all their personal data to social media. I might be completely wrong but I still think social media is going to run its course and people are going to move away from it. Facebook is making the case for me.

    Leave a comment:


  • In Omnibus
    replied
    Originally posted by blacksurfer

    Unfortunately my license can't get 4.2.5. I'm considering upgrading to vb5 with the special mentioned on the sticky for $169, or zenforo for $160. I was hoping the upgrade for those of us already on vb4 would be less than the competitor's new full forum. Thanks to all for their help.
    You can use any software you like. It won't prevent DDos attacks. You'd be better off paying for Sucuri or CloudFlare to remedy that issue. Or getting a host with built-in DDos protection.

    Leave a comment:


  • Wayne Luke
    replied
    Originally posted by blacksurfer

    OK, i read in another topic that upgrading to vb5 prevents this. Thanks
    It will prevent the session table is full message because we don't use Memory tables in vBulletin 5. It doesn't stop the underlying cause of the issue though. You'll just get an increasingly large table. Nor will you gain protection from a DDOS attack. The server will simply fail in another location.

    vBulletin will delete expired sessions every hour. If you're under a DDOS attack, it cannot do this because there are 1) too many sessions, 2) the table fails, 3) server resources are exhausted. The way to protect against DDOS attacks is to use a firewall at the largest bandwidth portions coming into your data center's network to deflect improper traffic to the void. It just goes there to die. Your hope is that your internal network will still have enough bandwidth for legitimate requests. If you wait until it gets to the actual server it is often too late. The network is overwhelmed and the server goes offline. If you wait until it gets to the application (vBulletin in this case), there is no hope of regaining control.

    Leave a comment:


  • Mark.B
    replied
    Originally posted by blacksurfer

    Thanks I signed up and changed my email password and this seems to be working for now. I'm on forum 4.1.2, why wasn't the patch released for older forums and not just 5?
    Firstly the issue did not affect vB4.
    Secondly vB4 is end of life
    Thirdly and most importantly, even if such an issue did crop up on vB4 and we decided to issue a patch, it would only be for 4.2.5.

    4.1.2 is old and completely unsupported. It also potentially contains other unpatched security flaws. You should arrange to upgrade php to 7.1 and vBulletin to 4.2.5 without delay.

    Leave a comment:


  • sulcitano
    replied
    I want to thank Marc for his ticket advice, which worked perfectly !! thanks a lot Mark

    Leave a comment:


  • djbaxter
    replied
    Because as far as I know the security issue only affected vB5. not vB4.

    Leave a comment:


  • djbaxter
    replied
    Originally posted by blacksurfer
    That's what my web host thought. Anyway to prevent this from happening? Do I need to upgrade to vb5 or another forum like zenforo or is there another preventative step? Thanks very much!
    As Mark.B said, upgrading vBulletin won't help. Even switching to different forum software won't help if the DDoS is targeting your URL.

    Using a firewall on the server may help somewhat but in my experience if you're really getting hammered you'll probably need to use Cloudflare - The Web Performance & Security Company | Cloudflare. Try the free version first. If that doesn't work, moving up to the lowest paid plan (Pro @ $20/month USD) will likely stop it dead. The Pro plan adds an additional firewall that allows you to block entire countries, which is very effective if you know where they are coming from.

    Leave a comment:


  • Mark.B
    replied
    You need to speak to your host. No forum software can prevent DDOS attacks.

    Upgrading or switching software will not help. Defending such attacks is a server-level operation.

    Leave a comment:


  • djbaxter
    replied
    No it's not a new error. What may have changed is that forums, especially vBulletin forums, are under active attack by bots lately, many from China.

    Leave a comment:


  • Mark.B
    replied
    No there is no video. Running queries differs depending on the host and their set up, over which we have no control.

    Your host will normally provide something like phpMyAdmin to provide access to the database. You can run the query on there.

    If not, or if you are not confident running queries, you can speak to your host.

    Alternatively: If you have ftp access (and can provide us with the credentials), then you can raise a support ticket to us, we should be able to upload a file that will allow us to run the query for you.

    Leave a comment:


  • sulcitano
    replied
    Thanks, I couldn't do anything, please there are some videos for this problem, I had a web master unfortunately it disappeared, thanks to everyone for your availability

    Leave a comment:


  • Mark.B
    replied
    You need to run this query on the database:

    truncate table session

    Leave a comment:


  • sulcitano
    started a topic [Forum] PHP Warning

    PHP Warning

    Hello. I can't open my forum anymore; gives me this error:
    PHP Warning: mysqli_query(): (HY000/1114): The table 'session' is full in ..../includes/class_core.php on line 1386
    can you help me please?
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X