Support » Plugin: AdRotate Banner Manager » Timeouts … POST vs GET

  • Resolved puxxle

    (@puxxle)


    We’ve been having problems on our site with timeouts, mostly 503 errors. Our host, Pagely, sent us an email with their assessment of the situation. I am not a developer, and in fact, our organization is currently without a developer, so I’m not really sure what to make of it. I’m pasting it below in hopes that someone could tell me what they would do in this situation:

    – – – – – – – – – – – – – – – –

    “We’ve been investigating an issue with dallasinnovates.com which is resulting in intermittent timeouts and PHP worker contention.

    There are a lot of requests being made to admin-ajax.php with payloads such as action=adrotate_impression&track=[redacted-token]. The referrer for these requests seems to be individual post pages like https://dallasinnovates.com/dallas-fort-worth-international-airport-piloting-robotic-baggage-transfer-system/ . Navigating to that page myself, I am not seeing my browser make the ajax call but there are many many requests being logged nonetheless.

    Example of an incoming request:

    POST /wp-admin/admin-ajax.php HTTP/1.0
    X-Forwarded-For: 47.185.84.137
    X-Client-Ip: 47.185.84.137
    Host: dallasinnovates.com
    Connection: close
    Content-Length: 51
    Accept-Encoding: gzip
    CF-IPCountry: US
    CF-RAY: 4fc826dc4f012e91-MIA
    X-Forwarded-Proto: https
    CF-Visitor: {“scheme”:”https”}
    origin: https://dallasinnovates.com
    referer: https://dallasinnovates.com/dallas-fort-worth-international-airport-piloting-robotic-baggage-transfer-system/
    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134
    content-type: application/x-www-form-urlencoded; charset=UTF-8
    accept: */*
    x-requested-with: XMLHttpRequest
    accept-language: en-US,en;q=0.8,zh-Hant-HK;q=0.5,zh-Hant;q=0.3
    cache-control: no-cache
    cookie: _hjIncludedInSample=1; _cb=B7zjFqk06t6DggfnO; _hjid=55e76bcd-8809-4299-a790-3d8f16649d58; _cb_ls=1; _chartbeat2=.1561508394670.1563840548454.0000000001010001.Dbe-9k-jFSIBIbRfcCX0PArCFm5d0.1; _ga=GA1.2.1407520427.1561508392; __cfduid=d0b10323a028f4d62e66960fda998f0aa1561508390; _fbp=fb.1.1561508392002.1372658340
    CF-Connecting-IP: 47.185.84.137
    CDN-Loop: cloudflare
    X-Host: dallasinnovates.com
    X-Gateway-ServerType: miss
    normalized-ua: standard
    X-Gateway-Country: US
    X-Gateway-Skip-Cache: 0
    X-Gateway-Servername: pagelyhosting.com
    X-Gateway-Upstream: apache
    X-Gateway-Scheme: https
    X-Gateway-Port: 443
    X-Gateway-Miss-Port: 82
    X-Pagely-SSL: on
    HTTPS: on
     
    action=adrotate_impression&track=[redacted-token]

    The problem with these kinds of requests is they are using the method POST and those can’t be cached. Even if the page it’s called from is hitting cache, the ajax call is always uncached. So, if you get a lot of visitors to the site that will make the PHP workers and CPU on the system start working extra hard to keep up and eventually cause timeouts.

    We have applied some more stringent rate limiting/traffic shaping rules on the /wp-admin/admin-ajax.php endpoint as a result of this activity. It will allow a certain amount of burst per visitor at the normal performance level and any excess will have the response processing delayed by up to 30 seconds.

    This essentially holds the request in a queue before sending it to be handled by PHP, allowing the PHP workers some breathing room to handle other requests necessary for the site.

    In scanning your plugin codebase we see this call is being initiated by the adrotate-pro plugin. Our advice is to stop using this plugin due to the way it is implemented and find an alternative that is based on using GET requests and the WP REST API which would be much easier to control with caching and more specific rate limiting (we’ve had to enforce an overall rate limiting policy for all /wp-admin/admin-ajax.php requests due to the way this plugin operates). You may also be able to ask the plugin authors if they can make this kind of change for you, that’s definitely worth a shot.

    If you prefer to keep using that plugin, that’s fine as well because we have the rate limiting rules in place. However, if you start experiencing any other problems with admin-ajax.php requests taking a long time to respond then you might have to have us remove the rate limiting and instead upgrade the hosting plan in order to handle the workload.”
    – – – – – – – – – – – – – – – – – –

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.