Recently we received an alert from one of our clients that running threads were high on one of their servers. Once we logged in, we noticed that all the selects were waiting for a table-level read lock. We scrolled through the process list and found the selects which were causing the problems. After killing them, everything went back to normal.
At first we couldn’t understand why the query took so long, as it looked like all the others. Then we noticed that one of the WHERE clauses was strange. There, we found a SLEEP(3) attached to the query with OR. Obviously, this server was the victim of a SQL injection attack.
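The manual scroll through the process list can be turned into a check. The sketch below is an added example, not code from the original post: it scans rows shaped like SHOW FULL PROCESSLIST output for a SLEEP() call joined to a condition with OR, ignoring matches that sit inside quoted string literals. The sample rows, table names and the function name are constructed, and matching AND as well as OR goes beyond the case described above.

```python
import re

# Quoted string literals, allowing backslash escapes and doubled quotes.
_LITERAL = re.compile(r"'(?:[^'\\]|\\.|'')*'" + "|" + r'"(?:[^"\\]|\\.|"")*"', re.S)
# SLEEP(<number>) joined to a condition with OR / AND (AND is an added generalization).
_SLEEP = re.compile(r"\b(OR|AND)\b[\s(]*SLEEP\s*\(\s*(\d+(?:\.\d+)?)\s*\)", re.I)


def find_sleep_injection(rows):
    """Return (Id, Time, operator, seconds) for each suspicious running query."""
    hits = []
    for row in rows:
        info = row.get("Info") or ""
        if row.get("Command") != "Query" or not info:
            continue  # idle connections and rows without statement text
        # Blank out string literals so 'sleep(3)' used as data is not flagged.
        code = _LITERAL.sub("''", info)
        match = _SLEEP.search(code)
        if match:
            hits.append((row["Id"], row["Time"],
                         match.group(1).upper(), float(match.group(2))))
    return hits


# Constructed sample rows (hypothetical tables and values), keyed like the
# columns of SHOW FULL PROCESSLIST.
SAMPLE_ROWS = [
    {"Id": 101, "Command": "Query", "Time": 412, "State": "User sleep",
     "Info": "SELECT * FROM articles WHERE id = 7 OR SLEEP(3)"},
    {"Id": 102, "Command": "Query", "Time": 398, "State": "Waiting for table level lock",
     "Info": "SELECT title FROM articles WHERE id = 12"},
    {"Id": 103, "Command": "Query", "Time": 0, "State": "Sending data",
     "Info": "SELECT id FROM posts WHERE body LIKE '%or sleep(3)%'"},
    {"Id": 104, "Command": "Query", "Time": 377, "State": "User sleep",
     "Info": "SELECT name FROM users WHERE login = '' or sleep ( 3 ) -- '"},
    {"Id": 105, "Command": "Sleep", "Time": 30, "State": "", "Info": None},
]

if __name__ == "__main__":
    for thread_id, secs_running, op, sleep_secs in find_sleep_injection(SAMPLE_ROWS):
        print(f"thread {thread_id}: running {secs_running}s, {op} SLEEP({sleep_secs:g})")
```

Row 103 is not reported because its sleep(3) text is data inside a LIKE pattern; row 104 is, because the call sits outside the closed literal.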
What is SQL injection?
I think …