Protect bloating my DB like crazy!

  • So I was trying out the new WP Sweep plugin: https://www.ads-software.com/plugins/wp-sweep/ and found that particularly one one of our highest traffic sites, there were tons of transients in the DB, in excess of half a million. This was making the DB way larger than it needed to be and after clearing them, got it down from 144MB to a mere 20MB. Two main transients showed up over and over, and are already accumulating again. They each accounted for over a quarter-million rows in the DB.

    They were/are: _transient_timeout_jpp_li_XXXX and _transient_jpp_li_XXXX. I assume “jpp” means JetPack Protect (formerly BruteProtect). The first contains blocked IP’s etc. Isn’t there a more efficient way to store blocked/banned IP’s? Half-a-million rows in the DB and over 100MB worth of data, just seems a bit much. It’s slowing the site down (the WP admin is much quicker now that I’ve cleared it). Isn’t there another way the plugin can do that without bloating (and slowing) the DB? Or is this some kind of bug, and those aren’t supposed to stay in there that long?

    I’ve disabled Protect for now, and instead enabled bruteforce protection within iThemes Security, since it has the option to store in a file, instead of the DB.

    https://www.ads-software.com/plugins/jetpack/

Viewing 10 replies - 1 through 10 (of 10 total)
  • Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic ??

    Do you happen to use a plugin that modifies the core cron functions? Jetpack uses CRON to clean up after itself and delete transients daily. If that doesn’t happen on your site, it could be because cron cannot be triggered.

    Thanks!

    Thread Starter Tevya

    (@thefiddler)

    No, I dont think so. Unless WP Rocket’s caching is somehow preventing wp-cron from being fired…?

    Thread Starter Tevya

    (@thefiddler)

    On a couple of other sites, I’ve seen 150k+ of “_site_transient_brute_loginable_” would that be BruteProtect?

    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic ??

    Unless WP Rocket’s caching is somehow preventing wp-cron from being fired…?

    No, I don’t think WP Rocket does that.

    What are the other plugins installed on your site?

    would that be BruteProtect?

    Yes, the transient was added by the BruteProtect plugin. The transient isn’t part of the Jetpack plugin, though.

    Thread Starter Tevya

    (@thefiddler)

    Pretty sure WP Rocket doesn’t prevent that. That was all I could think of….

    Active Plugins:
    Add Widget After Content
    Akismet
    All in One SEO Pack Pro
    BetterOptin
    BetterOptin Addon: MailChimp
    Chimpy Lite – MailChimp WordPress Plugin
    Disable Comments
    Elegant Themes Updater
    Fancier Author Box
    Featured Image In Rss Feed
    Google Analyticator
    Gravity Forms
    Gravity Forms MailChimp Add-On
    Image Widget
    iThemes Security
    Jetpack by WordPress.com
    Monarch Plugin
    Simple Lightbox
    Subscribe to Comments Reloaded
    T5 Comment Textarea On Top
    WP-Sweep
    wpMandrill
    WP Post Series
    WP Rocket
    WP User Avatar

    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic ??

    None of these plugins should change the way cron behaves, so something else could be at play here.

    Could you try to use WP-Sweep to clear all Jetpack Protect transients, then update to the latest Jetpack version and let me know if the transients start accumulating again?

    Thanks!

    Thread Starter Tevya

    (@thefiddler)

    I’ve turned it off. But am willing to try again, to help out (appreciate all the JetPack team does, even though we only use it on a few of the sites we manage). It’s mostly a matter of me getting time to work on it, since I’ll need to turn off iThemes Security’s brute protection, etc.

    How long are those entries supposed to stay in there? Like if I let it go for 48hrs, should I only see ones up to 24hrs old? Just so I know what to expect/look for.

    I’m also wondering if it’s possible that nginx or Varnish might be conflicting in some way…? Both are part of our hosting’s stack.

    Plugin Contributor Sam Hotchkiss

    (@samhotchkiss)

    Hey Tevya!

    Transients older than 1 week should be cleared out automatically. I was just looking at the code, there’s no reason for us to wait this long, so I’m going to change it to daily for 3.7.

    Once you update to 3.7, would you mind taking a fresh look?

    Plugin Contributor Sam Hotchkiss

    (@samhotchkiss)

    If you wanted to just apply the patch directly:

    https://github.com/Automattic/jetpack/pull/2498

    Thread Starter Tevya

    (@thefiddler)

    Sam I really want to help out here. You’ve been a great help to me in the past. However, I think right now it’s not realistic for me to do further testing on this. I’ve switched the affected sites to iThemes Security’s brute force protection.

    The problem is I’ve just got too much on my plate atm. If you’d still like testing in a few months, I’d be happy to do what I can, then. I’m in process of trying to eliminate a few things and should be good to go in a few months.

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘Protect bloating my DB like crazy!’ is closed to new replies.