Sanjeev Sabhlok's notes on technology, hardware, gardening

Extreme CPU usage on Siteground

APRIL 2024

26 April 2024: Informed by Siteground that my websites had reached 80% of the CPU seconds limit. The traffic surge suddenly started on 25th April. Most traffic was to the home page sabhlokcity.com, a denial of service attack.

Websites did not shut down in April since it was towads the end of the month, but we started looking at the issue.

MAY 2024
Early May: Introduced a few referrer based rules in .htaccess to block certain HTTP referrers, in response to the April issue.

But on 3 May 2024, informed that websites have reached 80% of the CPU seconds limit. The changes made had caused page views and bandwidth usage to go down significantly, but not enough for May 2024.

8 May 2024: We were informed that “Your hosting plan is now limited. 100% of your monthly CPU has been used”.

Websites were then shut down for the entire month of May. We had no choice but to wait to see what happens in June 2024.

JUNE 2024

We thought that changes made in May 2024 might help in June, but no, on 3 June the 80% usage message was again received.

Two steps taken urgently:

a) Identified that 99.7% traffic is coming from Android OS. Blocked all requests from Android OS via a mod_rewrite rule in the site root .htaccess.

b) On 4 June 2024 moved to premium (paid) CDN on Siteground.

This  helped but by 16 June things flared up again.

On 19 June I raised my first ticket with Siteground and noted: “I paid for Siteground premium CDN but looks like it stopped working from 16 June.” I asked Siteground to also extend the CPU limit.

In their response, they provided technical advice that includes a key point : “while the CDN service aims to improve page load times, reduce overall data transfer amounts between the CDN’s cache servers and the client, there are cases where the caching services are avoided, for example by the WebCrawler bots from different Search engines and social network services.” [This latter bit is a crucial piece of info: Webcrawlers are making a mess of things by bombarding websites with requests]

They also showed that now traffic is being generated internally from our WP installations.

Actions taken in response:

– Deleted Jetpack from every domain and sub-domain
– Enabled “under attack mode” in CDN setting
– Blocked traffic for several user agents: android|semrush|googlebot|uptimerobot|amazonbot
– Blocked traffic for several referring web sites: (livegore|anthroblog\.anthroweb|raddle|lakedonpedro|openculture|toba60|buoiholo)\.
– Disabled several WP plugins and updated remaining ones to their latest versions
– Removed most cron jobs

Siteground did not shut down my websites during the rest of June and things were under control  till mid-July when things got bad again – below.

JULY 2024

On 18 July 2024, the 80% limit was reached again. I raised the second ticket with Siteground and received feedback based on which the following additional actions were taken:

– removed all unnecessary plugins from all sites
– activated cache on all sites
– BLOCKED  FACEBOOK WEB CRAWLERS
– also, since FTI.SABHLOKCITY.COM was causing trouble, added some text to its htaccess file (below)

Looks like that has brought things under control (SEE IMAGE BELOW)

HTACCESS

Inserted the following code into fti.sabhlokcity.com’s htaccess file:
# block bot requests
RewriteCond %{HTTP_USER_AGENT} android|semrush|googlebot|uptimerobot|amazonbot [NC]
RewriteRule ^ – [F]

# block bad referrers
RewriteCond %{HTTP_REFERER} (livegore|anthroblog\.anthroweb|raddle|lakedonpedro|openculture|toba60|buoiholo)\. [NC]
RewriteRule ^ – [F]

RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]

RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} !on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]

ALSO SEE MY TWEET.

Continue Reading

Entire text has disappeared in Microsoft Word, only footnotes are visible

This has happened twice. A solution below (it is pretty complicated but works).

1. What happens is that while updating the table (F9) one might accidentally press Alt-F9, and then select all text. This converts it all into a field.

2. How to undo this is impossible manually. It requires a MACRO.

3. See this first – how to install a macro in the Word document: https://www.gmayor.com/installing_macro.htm

4. Then install this macro:

Sub ExtractFieldCode()
    ' Jay Freedman
    ' https://answers.microsoft.com/en-us/msoffice/forum/all/code-field/5f5f839e-581b-4578-b446-391b635b4af3
    '
    Dim rg As range
    If ActiveDocument.Fields.Count = 0 Then
        MsgBox "This document contains no fields."
        Exit Sub
    End If
    With ActiveDocument
        .ActiveWindow.View.ShowFieldCodes = True
        .Fields(1).Code.Cut
        .range.PasteSpecial DataType:=WdPasteDataType.wdPasteHTML
        .ActiveWindow.View.ShowFieldCodes = False
    End With
End Sub

5. Now run the macro!

DONE – THE ORIGINAL TEXT WILL RETURN.

Note: it is possible that a few problems might emerge in the text that has been retrieved. I had a to manuall fix some of these problems, but it was far better than re-typing material that I had lost.

Continue Reading

Insert an image as the title page of a Word document

 

  1. Insert rectangle shape – and stretch it to the tips of the page

2. Go to shape format > Shape fill > drop down pick picture > insert the picture.

NOTE: Word will STRETCH THE IMAGE and distort it. You’ll need to figure out the correct size by trial and error, in Canva. Resize the image in canva before downloading.

A4 size paper is 210 x 297 mm

Canva default for book is 1410 x 2250

To make it fit the A4 page, resize to 1410  x 1994

 

Continue Reading