Forum Feedback AAF is really slow to respond

Welcome to Another Admin Forum!

Welcome to Another Admin Forum! Join our community of forum creators today. Register for a free account and get tips, resources, and support to build and grow your forum. Let's create better forums together!

Register Log in
My host said nothing showed any error.

I'm going to watch for the slowness and see what I can find.
 
Shawn Gossman said:
My host said nothing showed any error.

I'm going to watch for the slowness and see what I can find.
Click to expand...
It might be malicious bots hitting your server late at night. Look for any in the range of 47.238. And 47.82. Or similar ones. They’re from chinese bots that are known for hitting servers.
 
Cedric said:
I honestly have never seen it being slow and I browse daily,
Multiple times a day.
Click to expand...
Me too. I've only experience slowness when they're working on the server.
 
For me, it's never been a regular issue. But it usually is early in the AM (Central Time) that I notice it since I am usually up at night and asleep during the day.
 
They're going to be working on my MySQL server in a few days. That might cause some downtime. Maybe half an hour.
 
So, Mod_Security was enabled for this domain. I've looked into it and found that Mod_Security and XenForo don't get along. That could be the reasoning for the slowness. I've disabled it and we'll see.
 
Mod security can cause headaches with almost any script. You have to be able to check the logs and find where it may be conflicting.
Honestly I have not used mod security in ages on any of my sites.
 
Shawn Gossman said:
So, Mod_Security was enabled for this domain. I've looked into it and found that Mod_Security and XenForo don't get along. That could be the reasoning for the slowness. I've disabled it and we'll see.
Click to expand...
Noooo noooo, you don't do that.

You need to determine which rule is having a conflict and determine whether it's necessary to disable that rule or not. Mod Security provides beefy protection with a lot of rules that can stop bad actors. But, some of them can behave badly with XenForo when they're not necessary.

Look at your access logs and see which rules are slowing it down, then see what the rule is all about, and then see if it's worth the trade off to disable only that rule.

stackoverflow.com

Disaabe rule by ID in modsecurity on apache

I put ModSecurity for a web server and works fine. But some of the cases it blocked and giving Access Denied page. Below shows unwanted rule IDs which are getting from after reading log file. 950109
stackoverflow.com stackoverflow.com
 
frm said:
Noooo noooo, you don't do that.

You need to determine which rule is having a conflict and determine whether it's necessary to disable that rule or not. Mod Security provides beefy protection with a lot of rules that can stop bad actors. But, some of them can behave badly with XenForo when they're not necessary.
Click to expand...
Ahhh... the benefit of using Cloudflare and their WAF.

Cloudflare OWASP Core Ruleset · Cloudflare Web Application Firewall (WAF) docs

The Cloudflare OWASP Core Ruleset is Cloudflare's implementation of the OWASP ModSecurity Core Rule Set (CRS). Cloudflare routinely monitors for updates from OWASP based on the latest version available from the official code repository.
developers.cloudflare.com developers.cloudflare.com
 
frm said:
Noooo noooo, you don't do that.

You need to determine which rule is having a conflict and determine whether it's necessary to disable that rule or not. Mod Security provides beefy protection with a lot of rules that can stop bad actors. But, some of them can behave badly with XenForo when they're not necessary.

Look at your access logs and see which rules are slowing it down, then see what the rule is all about, and then see if it's worth the trade off to disable only that rule.

stackoverflow.com

Disaabe rule by ID in modsecurity on apache

I put ModSecurity for a web server and works fine. But some of the cases it blocked and giving Access Denied page. Below shows unwanted rule IDs which are getting from after reading log file. 950109
stackoverflow.com stackoverflow.com
Click to expand...
I read a few posts on XenForo and it seemed like they recommended turning it off.

I'm not as informed about mod-security as I should be - what does it do exactly?
 
Shawn Gossman said:
I'm not as informed about mod-security as I should be - what does it do exactly?
Click to expand...
It does offer some protections... but you can get similar from any WAF.
For nginx, it is no longer supported natively "offically".
It helps prevent layer 7 attacks and a few other things, but it is a real pain in the ass to deal with. If you are using CloudFlare and have their WAF enabled, you generally don't have to worry about it.
Those that say you need it are either still stuck in the past or are pushing their own WAF rules that work with it.

If you don't mind paying for CloudFlare, their offerings exceed what ModSec offers.
I find it rather amusing how some are still stuck on old offerings and ignore the better solutions that are available. But that does carry over to many aspects of this field.
 
Tracy said:
I find it rather amusing how some are still stuck on old offerings and ignore the better solutions that are available. But that does carry over to many aspects of this field.
Click to expand...
I wouldn't necessarily call CentMinMod "stuck on old offerings". It's beefy and regularly updated and supported. I trust @eva2000 can make it as good as CF can.
 
frm said:
I wouldn't necessarily call CentMinMod "stuck on old offerings". It's beefy and regularly updated and supported. I trust @eva2000 can make it as good as CF can.
Click to expand...
CentMin is far from stuck on "old offerings".
That reference was based upon Apache and even nginx and some peoples reliance of modsecurity. Now more and more people are wanting you to pay them money for rulesets.
It is no longer officially supported for nginx (and I really don't care a whit about Apache), and honestly, the majority (if not all) of the functions can be performed at the CF level before it even hits your server and takes up resources.
I've been a CentMin user for years (2014 - 4 years earlier than you from forum join date)... and am more than happy with it.
 
You must log in or register to reply here.
Back
Top Bottom