[wp-trac] [WordPress Trac] #37021: heartbeat goes bonkers and spams host with ajax requests every few seconds

WordPress Trac noreply at wordpress.org
Tue Mar 23 05:19:17 UTC 2021 

#37021: heartbeat goes bonkers and spams host with ajax requests every few seconds
----------------------------+-------------------------
 Reporter:  ncslhostmaster  |       Owner:  (none)
     Type:  defect (bug)    |      Status:  closed
 Priority:  normal          |   Milestone:
Component:  Administration  |     Version:  4.5.2
 Severity:  normal          |  Resolution:  invalid
 Keywords:                  |     Focuses:  javascript
----------------------------+-------------------------
Changes (by mikeschroder):

 * status:  new => closed
 * resolution:   => invalid


Old description:

> I have a client who uses 3rd party hosting for their Wordpress site. The
> site has lots of plugins, among them heartbeat control and idle user
> logout. We have noticed the behavior where, under some condition, the
> browser starts spamming the host with ajax requests (/wp-admin/admin-
> ajax.php?action=get_current_status) until the server overloads, runs out
> of memory and renders all sites and services on the host unusable. I have
> been reading about this problem on the wordpress blogs and thus have
> installed heartbeat and idle user logout to address the issue. However,
> the issue still appears, though less often. Finally today we saw it
> happening before the overload had taken place, and were able to contact
> the user, find out what they were doing, and narrow down the possible
> causes. I am hoping that this will be helpful information for the
> developers. Here is some specific information that I have to pass on:
> 1 - The laptop that appeared to be the cause of the problem was logged
> into the admin interface using the chrome browser. It had many tabs open,
> some on the same page. The user had been updating pages, switching
> between tabs, and reviewing the changes. They have both an english and a
> french area to the site, and were translating from english to french,
> using copy and past and a translation package.
> 2 - The heartbeat settings should have limited the ajax connection rate
> to every 60 seconds, but clearly was not doing so.
> 3 - Idle User Logout should have knocked off the laptop after 3600
> seconds, however, the laptop had been sitting there logged in for 17
> hours, idle and it never logged out.
> Other notes:
> The user also had a desktop computer in another room, and had been doing
> similar things on it, but using the firefox browser. When the problem was
> occuring I had the user close down tabs on the desktop, but it did not
> change the incoming connection rate. When the user went to the laptop and
> closed the tabs on the laptop, and logged it out, the spamming stopped. I
> suspect it is a javascript related issue, maybe related to chrome, maybe
> also related to multiple tabs, that causes the behavior to go wrong.
> I would be willing to provide more detailed information if it is needed.
> Regards,
> Steve

New description:

 I have a client who uses 3rd party hosting for their WordPress site. The
 site has lots of plugins, among them heartbeat control and idle user
 logout. We have noticed the behavior where, under some condition, the
 browser starts spamming the host with ajax requests (/wp-admin/admin-
 ajax.php?action=get_current_status) until the server overloads, runs out
 of memory and renders all sites and services on the host unusable. I have
 been reading about this problem on the wordpress blogs and thus have
 installed heartbeat and idle user logout to address the issue. However,
 the issue still appears, though less often. Finally today we saw it
 happening before the overload had taken place, and were able to contact
 the user, find out what they were doing, and narrow down the possible
 causes. I am hoping that this will be helpful information for the
 developers. Here is some specific information that I have to pass on:
 1 - The laptop that appeared to be the cause of the problem was logged
 into the admin interface using the chrome browser. It had many tabs open,
 some on the same page. The user had been updating pages, switching between
 tabs, and reviewing the changes. They have both an english and a french
 area to the site, and were translating from english to french, using copy
 and past and a translation package.
 2 - The heartbeat settings should have limited the ajax connection rate to
 every 60 seconds, but clearly was not doing so.
 3 - Idle User Logout should have knocked off the laptop after 3600
 seconds, however, the laptop had been sitting there logged in for 17
 hours, idle and it never logged out.
 Other notes:
 The user also had a desktop computer in another room, and had been doing
 similar things on it, but using the firefox browser. When the problem was
 occuring I had the user close down tabs on the desktop, but it did not
 change the incoming connection rate. When the user went to the laptop and
 closed the tabs on the laptop, and logged it out, the spamming stopped. I
 suspect it is a javascript related issue, maybe related to chrome, maybe
 also related to multiple tabs, that causes the behavior to go wrong.
 I would be willing to provide more detailed information if it is needed.
 Regards,
 Steve

--

Comment:

 Hi @ncslhostmaster !

 Thank you for the report, and I'm very sorry it's taken this long for a
 reply.

 This ticket was talked about in
 [https://wordpress.slack.com/archives/C02RQBWTW/p1616475811224700 a triage
 session today].

 Folks present noticed that `/wp-admin/admin-
 ajax.php?action=get_current_status` was being called in the report, but
 weren't able to find a `get_current_status` action in core. This might
 mean that the action comes from a plugin or theme.

 It was also noted that browser behaviors have changed since the time of
 this ticket, to improve background behavior.

 Because it looks like this is likely caused by code outside of core, I'm
 going to go ahead and close this ticket.

 However, if you're still having the issue, I recommend reaching out
 [https://wordpress.org/support/forums/ on the support forums], and someone
 should be able to help you there.

 Thanks again!

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/37021#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list