jaymc Posted March 8, 2007 Share Posted March 8, 2007 here is the output from PhpMyAdmin of the process list of mysql at the time it was called Should I be concerned about the number of processes for the chatroom It uses a persistent connection that runs for 8 seconds but also refreshes every 6 seconds, rather than opening a new socket every 6 seconds... 66100 root localhost jaydio_chatroom Sleep 7 NULL 66110 root localhost jaydio_chatroom Sleep 6 NULL 66116 root localhost jaydio_chatroom Sleep 6 NULL 66119 root localhost jaydio_chatroom Sleep 6 NULL 66125 root localhost jaydio_chatroom Sleep 6 NULL 66129 root localhost jaydio_chatroom Sleep 6 NULL 66131 root localhost jaydio_chatroom Sleep 5 NULL 66134 root localhost jaydio_chatroom Sleep 5 NULL 66137 root localhost jaydio_chatroom Sleep 5 NULL 66138 root localhost jaydio_chatroom Sleep 5 NULL 66142 root localhost jaydio_chatroom Sleep 5 NULL 66144 root localhost jaydio_chatroom Sleep 4 NULL 66145 root localhost jaydio_chatroom Sleep 5 NULL 66146 root localhost jaydio_chatroom Sleep 4 NULL 66147 root localhost jaydio_chatroom Sleep 4 NULL 66151 root localhost jaydio_chatroom Sleep 5 NULL 66153 root localhost jaydio_chatroom Sleep 5 NULL 66156 root localhost jaydio_chatroom Sleep 4 NULL 66162 root localhost jaydio_chatroom Sleep 4 NULL 66163 root localhost jaydio_chatroom Sleep 4 NULL 66166 root localhost jaydio_chatroom Sleep 4 NULL 66169 root localhost jaydio_chatroom Sleep 4 NULL 66170 root localhost jaydio_chatroom Sleep 4 NULL 66172 root localhost jaydio_chatroom Sleep 4 NULL 66175 root localhost jaydio_chatroom Sleep 4 NULL 66177 root localhost jaydio_chatroom Sleep 4 NULL 66181 root localhost jaydio_chatroom Sleep 3 NULL 66189 root localhost jaydio_chatroom Sleep 3 NULL 66191 root localhost jaydio_chatroom Sleep 3 NULL 66195 root localhost jaydio_chatroom Sleep 3 NULL 66197 root localhost jaydio_chatroom Sleep 3 NULL 66199 root localhost jaydio_chatroom Sleep 3 NULL 66203 root localhost jaydio_chatroom Sleep 2 NULL 66208 root localhost jaydio_forum Query 0 Sending data SELECT s.* FROM ibf_sessions s WHERE (s.location_2_id IN (4,40,43,72,14,6,15,21,20,10,7,12,52,37)) A 66209 root localhost jaydio_chatroom Sleep 2 NULL 66212 root localhost jaydio_chatroom Sleep 2 NULL 66220 root localhost jaydio_chatroom Sleep 1 NULL 66222 root localhost jaydio_chatroom Sleep 1 NULL 66226 root localhost jaydio_chatroom Sleep 0 NULL 66231 root localhost jaydio_chatroom Sleep 0 NULL 66232 root localhost jaydio_chatroom Sleep 0 NULL 66230 root localhost jaydio_chatroom Sleep 0 NULL 66235 root localhost jaydio_chatroom Sleep 0 NULL 66241 root localhost jaydio_chatroom Sleep 0 NULL 66243 root localhost NULL Sleep 0 NULL 66244 root localhost NULL Query 0 NULL SHOW PROCESSLIST Quote Link to comment https://forums.phpfreaks.com/topic/41824-solved-process-list-concern/ Share on other sites More sharing options...
fenway Posted March 8, 2007 Share Posted March 8, 2007 That's the problem with persistent connections... they can get "abandoned". Quote Link to comment https://forums.phpfreaks.com/topic/41824-solved-process-list-concern/#findComment-203004 Share on other sites More sharing options...
jaymc Posted March 8, 2007 Author Share Posted March 8, 2007 So in my case is it better to just have it reopen a sql socket every 6 seconds rather than have it as persistant? Sometimes there can be 60 users in the chat at one time 60 x mysql connections in a 6 second span So basically 10 every second from the chatroom alone which has 3 queries so thats 30 queries a second from the chatroom Thats why I opted for persistant connection for 8 seconds Advise? Quote Link to comment https://forums.phpfreaks.com/topic/41824-solved-process-list-concern/#findComment-203046 Share on other sites More sharing options...
fenway Posted March 9, 2007 Share Posted March 9, 2007 Yes, but they're not very persistent if you have so many sleeping threads.... Quote Link to comment https://forums.phpfreaks.com/topic/41824-solved-process-list-concern/#findComment-203115 Share on other sites More sharing options...
shoz Posted March 9, 2007 Share Posted March 9, 2007 If you're connecting to the database using the root user as your ProcessList output suggests, you're risking the possibility of someone gaining complete control over MYSQL if any of your scripts have SQL injection or the like vulnerabilities. When you write your own scripts try to give only as much access to the database as is required. So for example, if the script only performs SELECTs then you should connect to the server with the user that only has SELECT rights to the database. When you install third party scripts and they require a database, you create a user solely for that script which only has access to the database in question. To make the point clearer. I believe you're using Invision Power Board. If you are, or had been using any of the following versions Vulnerable Systems: * Invision Power Board 2.0.x * Invision Power Board 2.1.0 - 2.1.7 * Invision Power Board 2.2 Beta 1 The entire Server could have been compromised. Invision Power Board Multiple Vulnerabilities (Toolbox SQL) Quote Link to comment https://forums.phpfreaks.com/topic/41824-solved-process-list-concern/#findComment-203290 Share on other sites More sharing options...
fenway Posted March 9, 2007 Share Posted March 9, 2007 Yeah, that how mysqlfreaks.com got taken down for good... Quote Link to comment https://forums.phpfreaks.com/topic/41824-solved-process-list-concern/#findComment-203549 Share on other sites More sharing options...
jaymc Posted March 10, 2007 Author Share Posted March 10, 2007 Ive changed it all now and removed root Cheers Quote Link to comment https://forums.phpfreaks.com/topic/41824-solved-process-list-concern/#findComment-204045 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.