This is really a different topic and it can probably have books written about it. However, if you provide generally available information on your site or it is just a chat site, then Social Media will win. Especially if users cannot access your site on a mobile device these days. The types of forums that generate traffic these days have information specific to a topic and staff that are actively providing content pertaining to the topic. Mobile Device access is a big plus as well. Many people aren't using desktop and laptops to access the web anymore. A growing amount of the world population doesn't even own computers, even in industrialized nations.

There's not much we can do if people are stupid enough to give all their personal data to social media. I might be completely wrong but I still think social media is going to run its course and people are going to move away from it. Facebook is making the case for me.

You can use any software you like. It won't prevent DDos attacks. You'd be better off paying for Sucuri or CloudFlare to remedy that issue. Or getting a host with built-in DDos protection.

It will prevent the session table is full message because we don't use Memory tables in vBulletin 5. It doesn't stop the underlying cause of the issue though. You'll just get an increasingly large table. Nor will you gain protection from a DDOS attack. The server will simply fail in another location.

vBulletin will delete expired sessions every hour. If you're under a DDOS attack, it cannot do this because there are 1) too many sessions, 2) the table fails, 3) server resources are exhausted. The way to protect against DDOS attacks is to use a firewall at the largest bandwidth portions coming into your data center's network to deflect improper traffic to the void. It just goes there to die. Your hope is that your internal network will still have enough bandwidth for legitimate requests. If you wait until it gets to the actual server it is often too late. The network is overwhelmed and the server goes offline. If you wait until it gets to the application (vBulletin in this case), there is no hope of regaining control.

Firstly the issue did not affect vB4.
Secondly vB4 is end of life
Thirdly and most importantly, even if such an issue did crop up on vB4 and we decided to issue a patch, it would only be for 4.2.5.

4.1.2 is old and completely unsupported. It also potentially contains other unpatched security flaws. You should arrange to upgrade php to 7.1 and vBulletin to 4.2.5 without delay.

I want to thank Marc for his ticket advice, which worked perfectly !! thanks a lot Mark

Because as far as I know the security issue only affected vB5. not vB4.

As Mark.B said, upgrading vBulletin won't help. Even switching to different forum software won't help if the DDoS is targeting your URL.

Using a firewall on the server may help somewhat but in my experience if you're really getting hammered you'll probably need to use Cloudflare - The Web Performance & Security Company | Cloudflare. Try the free version first. If that doesn't work, moving up to the lowest paid plan (Pro @ $20/month USD) will likely stop it dead. The Pro plan adds an additional firewall that allows you to block entire countries, which is very effective if you know where they are coming from.

You need to speak to your host. No forum software can prevent DDOS attacks.

Upgrading or switching software will not help. Defending such attacks is a server-level operation.

No it's not a new error. What may have changed is that forums, especially vBulletin forums, are under active attack by bots lately, many from China.

No there is no video. Running queries differs depending on the host and their set up, over which we have no control.

Your host will normally provide something like phpMyAdmin to provide access to the database. You can run the query on there.

If not, or if you are not confident running queries, you can speak to your host.

Alternatively: If you have ftp access (and can provide us with the credentials), then you can raise a support ticket to us, we should be able to upload a file that will allow us to run the query for you.

Thanks, I couldn't do anything, please there are some videos for this problem, I had a web master unfortunately it disappeared, thanks to everyone for your availability

You need to run this query on the database:

truncate table session