Hello @oscargomezpagelycom
Thank you for your feedback!
Please give us 1-2 workdays for investigations.
We’ll contact you as soon as we have any news.
Thread Starter
oscarly
(@oscargomezpagelycom)
Thanks @amagsumov !
If it’s of any help: We observed the same behavior on a clean WP installation, with only the akismet & cleantalk-spam-protect plugins active.
Then activating the cleantalk-spam-protect plugin with [Get Access Key Automatically].
While this was going on, we printed out the $unzipped_content variable, which its value was set to:
0,"(.*)",1
Along with the access logs, some requests like below were automatically coming in:
GET /?spbc_remote_call_token=[TOKEN]&spbc_remote_call_action=sfw_update__worker&plugin_name=apbct&test=test HTTP/1.1" 200 536 "APBCT-wordpress/5.160; http://example.com"
GET /?spbc_remote_call_token=[TOKEN]&spbc_remote_call_action=sfw_update__worker&plugin_name=apbct&test=test HTTP/1.1" 200 573 "APBCT-wordpress/5.160; http://example.com"
GET /?spbc_remote_call_token=[TOKEN]&spbc_remote_call_action=sfw_update__worker&plugin_name=apbct HTTP/1.1" 200 0 "APBCT-wordpress/5.160; http://example.com"
GET /?spbc_remote_call_token=[TOKEN]&spbc_remote_call_action=sfw_update__worker&plugin_name=apbct&test=test HTTP/1.1" 200 536 "APBCT-wordpress/5.160; http://example.com"
GET /?spbc_remote_call_token=[TOKEN]&spbc_remote_call_action=sfw_update__worker&plugin_name=apbct HTTP/1.1" 200 0 "APBCT-wordpress/5.160; http://example.com"
GET /?spbc_remote_call_token=[TOKEN]&spbc_remote_call_action=sfw_update__worker&plugin_name=apbct&test=test HTTP/1.1" 200 573 "APBCT-wordpress/5.160; http://example.com"
(Not all that familiar with the plugin or those requests, but wondering if that’s firing the update( function hooks. Causing the TRUNCATE TABLE wp_cleantalk_ua_bl sql queries.)
Hello @oscargomezpagelycom
Thank you for the details. I’ve added them to the task.
We’ll contact you as soon as we have any news.
Weighing in as another WordPress host that’s seeing this. Not a lot to add that wasn’t already covered, other than to raise the issue that it’s not Pagely-specific (and getting subscribed here so we can push the fix out once it’s released).
Hello, @oscargomezpagelycom @aaroncampbell
Thank you for your feedback.
we have made a fix that should help.
Please download and isntall the dev-version from here:
https://github.com/CleanTalk/wordpress-antispam/releases/download/dev-version/cleantalk-spam-protect.zip
(the version should be 5.160.2-dev)
Here is an instruction:
1. Go to the WordPress Administrator Panel —> Plugins.
2. Find the plugin “Spam Protection by CleanTalk” —> Deactivate.
3. After the automatic page refresh, find the plugin again “Spam Protection by CleanTalk” —> Delete. Confirm “Yes, delete these files”.
5. Go to Plugins —> Add New —> Upload Plugin.
4. Download the plugin archive from the link above.
6. Choose the downloaded archive and press “Install Now”.
Did it help?
Hello @oscargomezpagelycom @aaroncampbell
Please ignore my previous reply.
Further investigations require some of your personal data.
Please, open a ticket in our private support system:
https://cleantalk.org/my/support/open
As a temporary solution, disable the Spam FireWall option in the plugin settings:
WordPress Admin Page —> Settings —> Antispam by CleanTalk —> SpamFirewall turn off
Unfortunately, this isn’t “personal data” – this is something we’re seeing on many customers sites across our network. I’ll open a ticket to share what I can.
Plugin Support
SergeM
(@serge00)
Thank you, @aaroncampbell.
Let’s continue our communication in the ticket.
Ticket opened, the ID is 24504
Plugin Support
SergeM
(@serge00)
Hello,
We’re wondering if there’s any progress on this. We’re still seeing many TRUNCATE queries causing performance issues and we’re getting to the point where our hosting company needs to consider banning the plugin from our platform completely.
We’re wondering if it’s possible to use delete from table instead than truncate to help solve this.
The function doing this is defined in ./lib/Cleantalk/ApbctWP/Firewall/AntiCrawler.php:129
private static function clear_data_table($db, $db__table__data) {
$db->execute( "TRUNCATE TABLE {$db__table__data};" );
$db->set_query( "SELECT COUNT(*) as cnt FROM {$db__table__data};" )->fetch(); // Check if it is clear
if( $db->result['cnt'] != 0 ){
$db->execute( "DELETE FROM {$db__table__data};" ); // Truncate table
$db->set_query( "SELECT COUNT(*) as cnt FROM {$db__table__data};" )->fetch(); // Check if it is clear
if( $db->result['cnt'] != 0 ){
return array( 'error' => 'COULD_NOT_CLEAR_UA_BL_TABLE' ); // throw an error
}
}
$db->execute( "ALTER TABLE {$db__table__data} AUTO_INCREMENT = 1;" ); // Drop AUTO INCREMENT
}
