That is not a database look-up per-say, it is using a built in php function. Do some diligence and you will find a lookup at project honey pot et al takes longer.
Now you're just being facetious. Yes, a lookup to an external site will take longer, which is why I was clarifying that you weren't referring to anything additional there. Though if you're behind a slow RDNS, even the DNS roundtrip can be slow.
You will discover that it is a Ubuntu issue and note the issue is for a function that is NOT used in the mod.
It's not used because it was commented out following that issue. Oh, and I get the same behaviour on Windows, which kind of blows that theory out of the water. But as all the comments for
http://php.net/gethostbyaddr show, it can lag pretty hard anyway...
Why?
I think you misunderstand me. There are parts of the code that do use IPv4 blocks for checking (some of the search engine checks, mainly). IPv4 is exhausted at the most coarse level, several of the RIRs are talking about exhaustion by them within 3-6 months, so it only makes sense to have IPv6 support - and if you're using in SMF, you kind of need to get your checks in very, very early (I can't remember how early you added them) because cleanRequest() will nuke the IPv6 address because it doesn't understand IPv6.
Oh, and if you're trying to tell me your implementation of BB into SMF is solid, I really hope you're not trying to store binary compressed IP addresses into a 16 byte character field, since there will typically be some invalid code points in there.
And roundtripdns.inc.php even says itself that it's not IPv6 safe.
But honestly, further ipv6 development for both mods for the roundtrip test is a waste of time until ipv6 becomes more popular. Maybe next winter.
Actually in all honesty it's a waste of time until SMF supports IPv6. Fortunately, I don't have that problem, since I do have IPv6 support in the core in my development files.
The other disturbing thing was that my site is a world of warcraft related site and many of the bot queries actually had keywords that are specific to warcraft and other MMOs, so it appears that at least some of the bots are targeting specific types of sites.
WoW is a big enough presence even in fan forums that it's worth spending some effort targetting them. But yeah, mostly they're finding forums through search engines. But I will echo what Lex said, some of those search terms are vBulletin or phpBB specific - but they will show up in *links* between forums too.
You certainly got my curiosity up, because I've noticed a peculiar pattern in the attacks I've been getting--they're not using everybody's username, just 4 (on both my boards). They're not all admin or mod people, either (2 admin, 1 mod, one regular). It's something that makes me go "hmmmm."
That's not the only commonality, either.