general error

[tommyaweosme]

... WE BROKE A RECORD THIS MORNING!!!!
SO MANY GUESTS

[tommyaweosme]

over the past few days there have been thousands of users online at the forums and whenever i go to certain pages it throws me this error:

Screenshot 2025-03-02 10.16.06.png (86.25 KiB) Viewed 2166 times

are we being DDOSed and if so what can we do about it?

[dvgrn]

over the past few days there have been thousands of users online at the forums and whenever i go to certain pages it throws me this error:

["This site is experiencing technical difficulties"]

are we being DDOSed and if so what can we do about it?

I'd say it's probably not a deliberate DDOS. It's more likely to be a side effect of too many spammers (maybe using some newly available software?) trying to create advertising messages across many different PHPBB forums.

Nathaniel has been keeping an eye on this off and on, as he has time, but it seems to come and go rather unpredictably; it's not clear that there's a good way to control the problem in the short term. So far, it will probably work to just hit the refresh button and try again, and see what happens in another week or two.

@tommyaweosme, I've moved your post over here. It doesn't seem like we need to keep creating new threads for the same underlying problem.

[confocaloid]

over the past few days there have been thousands of users online at the forums and whenever i go to certain pages it throws me this error: [...]

I also noticed this error, as well as (slightly changed in wording but otherwise already described in preceding discussion) error saying "An sql error occurred while fetching this page. Please contact an administrator if this problem persists.".

[...] are we being DDOSed and if so what can we do about it?

Probably not much, besides obvious things such as avoiding unnecessary double-posting or other unnecessary high-volume activity.

[muzik]

Are the generic sounding new accounts on the wiki also linked to this?

[dvgrn]

Are the generic sounding new accounts on the wiki also linked to this?

Honestly, we don't know. Probably not. They might be caused by a different part of the same software package, but it's maybe just as likely that it's two completely separate pieces of spam-generation software.

- There haven't really been very many spam forum posts created recently; there have been periods in the past with a lot more new spam posts per week than we're seeing these days.

- There's no particular sign that any one spammer has created both a forum account and a LifeWiki account for purposes of spam. Nobody who is using automated or semi-automated methods to send out this pointless bulk advertising garbage is even going to notice that the forums and the LifeWiki are related -- they don't care about that at all.

- Similarly, the hundreds of spam LifeWiki accounts are somewhat recognizable by the format of the account names. Nobody has ever showed up on the forums to ask for the trusted flag for any of those accounts. Here again, the software that's trying to create spam wiki articles across (no doubt) hundreds or thousands of MediaWiki instances ... doesn't know or care about the link between the LifeWiki and the forums.

The wiki-spam-making software probably creates a new user and then immediately tries to create an article using that account -- and when it fails, it just shrugs and moves on to some other wiki.

It's hard to see what we can do to stop or block this kind of thing, without also preventing legitimate new users from being able to easily create accounts. Each new spam user is going to come from a different IP address, because it's probably originating from a different spammer trying to use the same rotten annoying piece of spam-enabling software.

EDIT: As blah suggests, for the unwarranted number of guests on the forums, it's maybe equally possible that Large Language Model scrapers might be the culprit. That doesn't explain the piles of new LifeWiki users still being created, though; those are probably due to auto-spammer software of some kind.

[hotdogPi]

This should catch about 40% of the spam usernames on the wiki. All must be true. Removing the last condition would get nearly 100% but introduce some false positives.

• Begins with a capital letter

• Has exactly one capital letter not at the beginning, and the two capital letters aren't adjacent

• No characters other than letters and digits (notably spaces aren't on the list)

• No digits followed by letters (i.e. digits must be at the end only)

• Ends with a digit

"Choose another username" should be enough; bots probably won't bother.

[unname4798]

The spammer bots will evolve to make accounts with usernames beginning with a digit.

[dvgrn]

The spammer bots will evolve to make accounts with usernames beginning with a digit.

They probably won't evolve, because they probably won't be under any pressure to evolve.

The new accounts can't do any particular harm. They just clutter up the new-users list a little bit. So maybe Nathaniel will find a way to clear them all out of the database in bulk in a year or two.

But until then I doubt any mechanism will be added try to make someone to choose a new username if their name matches hotdogPi's criteria. That's just how we'll recognize spammer accounts when we're looking at them.

[tommyaweosme]

The spammer bots will evolve to make accounts with usernames beginning with a digit.

They probably won't evolve, because they probably won't be under any pressure to evolve.

The new accounts can't do any particular harm. They just clutter up the new-users list a little bit. So maybe Nathaniel will find a way to clear them all out of the database in bulk in a year or two.

But until then I doubt any mechanism will be added try to make someone to choose a new username if their name matches hotdogPi's criteria. That's just how we'll recognize spammer accounts when we're looking at them.

my random name generator algorithm:
flip a coin. if heads, put a random number or letter at the start of the username, uppercase or lowercase is also decided randomly.
then, flip a coin again. if heads, follow on to next step, if tails, add a digit and flip the same coin again until heads.
pick a random word from the dictionary, and then capitalize it either lowercase, uppercase, or title case.
then, get a dash or a space or nothing or a third word (decided by D4 roll) between the first and sceond word, the second word following the standars f the first word.
then, roll a D6, subtract the result by 1. thats how many numbers are at the end.

this algoritm can make usernames that seem almost exactly like real usernames, and the best thing is, almost EVERY regex will turn up false positives!

[blah]

Are we sure the strain on the site is caused by spambots and not LLM scrapers? Last I heard LLM companies were collectively DDOSing the entire internet to get training data.

It could be spammers or LLM companies. But I repeat myself.

[Nathaniel]

I've started the process of putting conwaylife.com behind Cloudflare DDoS protection. There might be some weirdness for a day or two, but hopefully it's less painful than the bugs caused by the truly absurd amount of bot DDoSing that is happening.

[Haycat2009]

I heard LLM companies were collectively DDOSing the entire internet to get training data.

It could be spammers or LLM companies. But I repeat myself.

Why would they need accounts for training data? And so many of them? Normally, 1 account should be enough as no new info is gained by creating extra accounts.

[blah]

Why would they need accounts for training data? And so many of them? Normally, 1 account should be enough as no new info is gained by creating extra accounts.

My assumption was that the spam accounts are a separate problem entirely from the surge of traffic. Is the amount of new spam accounts being used/created at any given time correlated with the amount of traffic over all?

Are these accounts even being used to view the site? Looking at the bottom of the index, they aren't clearly logged in, but maybe they're just hiding their activity.

I think only Nathaniel has the necessary information to figure this out.

[LuveelVoom]

I've started the process of putting conwaylife.com behind Cloudflare DDoS protection. There might be some weirdness for a day or two, but hopefully it's less painful than the bugs caused by the truly absurd amount of bot DDoSing that is happening.

It appears that this change has broken the !wiki function of caterer (the discord bot, not the p3 oscillator ) Could whatever web thing caterer uses be given an exception?

[Nathaniel]

It appears that this change has broken the !wiki function of caterer (the discord bot, not the p3 oscillator ) Could whatever web thing caterer uses be given an exception?

Yep, whoever's running it just has to let me know where it's running from (e.g., which IP it's hosted on or something so that I know what exception to put into Cloudflare).

[b-engine]

This General Error happens again, despite there are only 2 guests lurking around. How about priortize connection of registered users above guests?

[confocaloid]

This error happens again, despite there are only 2 guests lurking around. How about priortize connection of registered users above guests?

Some time ago I noticed an error message that said "MySQL server has gone away". I cannot reproduce this again.
I don't know whether this is the same error message as you were seeing, there are several different kinds of recurring errors.

[b-engine]

This General Error happens again, despite there are only 2 guests lurking around. How about priortize connection of registered users above guests?

The general error happens again despite no guests online. Is this DDoS?

[confocaloid]

Unusually frequent error messages in recent hours:

General Error
SQL ERROR [ mysqli ]

User psstoref_cwl_forums already has more than 'max_user_connections' active connections [1203]

An sql error occurred while fetching this page. Please contact an administrator if this problem persists.

[tommyaweosme]

i apparently cant look up "ty" here without getting some sort of error. everything else works just fine. i was doing this because "bitty" isnt on the forums so i was breaking it apart for my albuquerque but its sung by the conwaylife.com forums project, but apparently i just cant look up "ty".

anyone know why?

[WhiteHawk]

Not sure which thread to post in, but posting my problem here too.

Help! I keep getting sign-out messages whenever I try to edit my posts, comment, or do anything that being signed in would allow me to do! And them my progress doesn't save once I sign back in (I also get the message "The Submitted Form was Invalid. Please Try Again" the first time I press the sign in button, but it works to sign me in when I do it the second time)

I got three when trying to post this very question, and another two when trying to edit it.

Note that I can get to the edit/post screen, but when I try to submit my edit/comment, it goes to the sign-in page.

[b-engine]

I've started the process of putting conwaylife.com behind Cloudflare DDoS protection. There might be some weirdness for a day or two, but hopefully it's less painful than the bugs caused by the truly absurd amount of bot DDoSing that is happening.

The LifeViewer in Catagolue is forbidden from accessing LifeWiki.
Go to here and you'll see "Invalid Pattern!" despite Rule:Phex being a defined rulename.

[rowett]

The LifeViewer in Catagolue is forbidden from accessing LifeWiki.

Nathaniel has kindly fixed this.

[PiSpaceships]

Polls can be created only in FOUR FORUMS.

Website Discussion, LifeWiki Discussion, Bugs & Errors and Patterns.

Can someone fix this?