lintho wrote:
But what if its google, bing or some other useful crawler?
The IP address from China hurting my database was a Baiduspider. Apparently Baidu is an index in China, but I'm ok blocking as I don't have customers in China.
lintho wrote:
Do you think its stuck in some loop, or could it be that the method is accessed a ton?
Sorry, I don't know. I'm not an expert, or even a developer for that matter, I'm just a business owner who liked NopCommerce, and the idea of hosting it in the cloud.
Either way, looped or accessed at on everything points to fact that the stored procedure is an issue, especially if a bot or spider gets caught in it.
chadwixk wrote:Yes! Have that Chinese visitor as well. Can maybe set up a firewall rule to block Chinese IP addresses in Azure?
I added the following to my web.config file between the <system.webserver> tags:
<security>
<ipSecurity>
<add ipAddress="180.76.15.0" subnetMask="255.255.255.0" />
</ipSecurity>
</security>
and now the CPU usage on my database has dropped to below 1%. Time to switch back to S2.
I do think I will have to look more into ModSecurity as a better long term solution, and would love to hear from anyone who has installed it on their Azure Web App.