Page MenuHomePhabricator
Create Task
Maniphest T336715

Investigate relation of Prefetch feature to increase in automated traffic and impact on unique devices
Open, MediumPublicSpike
Actions

Assigned To
Mayakp.wiki
Authored By
Mayakp.wiki
May 16 2023, 12:16 AM
Tags
Referenced Files
F37727842: image.png
Sep 15 2023, 7:05 PM
F37030614: Screenshot 2023-05-23 at 3.14.52 PM.png
May 23 2023, 10:24 PM
F36999796: image.png
May 16 2023, 12:16 AM
F36999773: image.png
May 16 2023, 12:16 AM
Subscribers
fkaelin
kostajh
kzimmerman
leila
Mayakp.wiki
mforns
MGerlach
View All 12 Subscribers

Description

We have been observing spikes in our automated bot traffic since June 2022. Based on our conclusion from T341848#9170131 , we have identified that the rise in pageview traffic (automated and user) can be attributed to Chrome's private prefetch feature that released in June 2022.

This task has been modified to remove our initial hypothesis of this being due to UA deprecation and will record all the discussions we've had so far and next steps.

Related Objects
Search...

Event Timeline

Mayakp.wiki created this task.May 16 2023, 12:16 AM
Mayakp.wiki added a project: Data-Engineering.May 16 2023, 3:44 PM
mpopov added subscribers: Miriam, leila, mpopov.May 16 2023, 5:09 PM

@kzimmerman to set priority after checking in with @leila & @Miriam

mpopov moved this task from Triage to Tracking on the Product-Analytics board.May 16 2023, 5:09 PM
Mayakp.wiki mentioned this in T336084: [SPIKE] Model impact of User-Agent deprecation on top line metrics.May 16 2023, 11:23 PM
Mayakp.wiki added a parent task: T322697: Investigate recent rises in Automated traffic.May 19 2023, 4:05 PM
Mayakp.wiki changed the subtype of this task from "Task" to "Spike".May 19 2023, 4:10 PM
Mayakp.wiki updated the task description. (Show Details)May 23 2023, 10:24 PM
leila added a comment.May 30 2023, 8:19 PM

moving to Research-Freezer until more information becomes available.

leila removed a project: Research.May 30 2023, 8:19 PM
leila added a project: Research-Freezer.
mforns subscribed.May 31 2023, 6:45 PM
kostajh subscribed.Jun 1 2023, 10:26 AM
Mayakp.wiki added a project: Movement-Insights.Jun 5 2023, 9:44 PM
Mayakp.wiki updated the task description. (Show Details)Jun 5 2023, 11:06 PM
MGerlach subscribed.Jun 16 2023, 7:10 AM
kzimmerman assigned this task to Mayakp.wiki.Jun 21 2023, 7:29 PM

@MGerlach will consult on this. Assigning the investigatory task to @Mayakp.wiki.

kzimmerman triaged this task as Medium priority.Jun 21 2023, 7:29 PM
nshahquinn-wmf moved this task from Incoming to Current epics on the Movement-Insights board.Jun 27 2023, 6:15 PM
nshahquinn-wmf moved this task from Current epics to Incoming on the Movement-Insights board.
Mayakp.wiki moved this task from Incoming to Next 2 weeks on the Movement-Insights board.Jun 27 2023, 6:18 PM
JArguello-WMF moved this task from Incoming (new tickets) to Data Products & Metrics on the Data-Engineering board.Jun 29 2023, 11:27 PM
Mayakp.wiki moved this task from Next 2 weeks to Doing on the Movement-Insights board.Jul 5 2023, 11:02 PM
fkaelin subscribed.Jul 11 2023, 2:51 PM
nshahquinn-wmf subscribed.Jul 12 2023, 11:16 PM
Iflorez mentioned this in T341743: Can we see chatgpt accesses in logs?.Jul 17 2023, 11:58 PM
Mayakp.wiki added a comment.Aug 28 2023, 11:11 PM

We are meeting this week to make a decision to turn off pre-fetch from Wikimedia-side (T218618#9028512 ) to potentially reduce 1-2B requests per month.

Mayakp.wiki added a comment.Aug 30 2023, 11:53 PM

Decisions:
With the assumption that we tag pre fetch requests as automated traffic and don't see a corresponding decline in User traffic, we don't see an immediate need to turn off this feature.

  • another reason to continue this feature is because it enhances user experience by reducing load times, which is beneficial for the consumers of our projects and could lead to increase in unique devices (which is an annual plan metric that we are aiming to move up).

Questions:

  1. since a connection is established before a user accesses our page (how this feature works), what happens after the user actually clicks on the links? does this get recorded as a user pageview (even though the browser doesn't have to send a request again) ?

Action Items:

  • What happens when a user clicks on the pre fetched page? Is that recorded as a pageview?
    • Connect with partnerships to do factfinding with Google
    • Dig into our data on user traffic and how we’re segmenting traffic
  • Circle with DE and discuss about this
kostajh updated the task description. (Show Details)Sep 1 2023, 6:32 AM
MGerlach mentioned this in T341848: Consult on investigation of relation between UA deprecation and increase in automated traffic.Sep 1 2023, 1:43 PM
Mayakp.wiki added a comment.EditedSep 1 2023, 10:12 PM

There are several questions that would be great to get more answers from Partnerships and Google:

  • they should have statistics on the number of pre-fetches to our site (since it goes through their private proxy). does this match our estimated numbers?
  • clarify how they make requests for pages that users navigate to but are already pre-fetched
  • statistics on the speed benefit for users. how large is the benefit of this feature for users (ideally depending on the region)? there is a cost-benefit trade-off (for us). if we had pre-fetched everything for everyone, the time to serve would be very small; however, our infrastructure couldnt cope with this. so how large is the improvement in user-experience compared to the additional cost of serving 2B pageviews per month? for example, if there is 1ms improvment per 1B additional pageviews it would not be worth it. but maybe if it was 100ms per 1B additional pageviews? I could imagine folks from SRE/Traffic have opinions/expertise on this; I am sure they have some metrics/dashboards on latency but I cant find this now. this blogpost mentions some metrics around this (so maybe Brandon might be someone to reach out to about this?)
Isaac mentioned this in T218618: Add no-transform to Cache-Control header.Sep 12 2023, 2:03 PM
MGerlach closed subtask T341848: Consult on investigation of relation between UA deprecation and increase in automated traffic as Resolved.Sep 15 2023, 2:08 PM
Mayakp.wiki added a subscriber: OSefu-WMF.Sep 15 2023, 7:05 PM
In T336715#9132510, @Mayakp.wiki wrote:

Action Items:

  • What happens when a user clicks on the pre fetched page? Is that recorded as a pageview?
    • Connect with partnerships to do factfinding with Google
    • Dig into our data on user traffic and how we’re segmenting traffic
  • Circle with DE and discuss about this

Follow up on Action Items

  • Dig into our data on user traffic and how we’re segmenting traffic

discussions with @MGerlach - There seems to also be a smaller increase in user-traffic following a similar pattern (to automated) and is indeed a bit more difficult to understand. some speculation:

  • no decrease in user-traffic: could be explained if the pre-fetch is not getting the "correct" pages, i.e. those that users will navigate to. that means we will get a lot of pre-fetches, but then users might navigate to other pages
  • increase in user-traffic: this could be explained by automated traffic from the pre-fetches which is labeled as user-traffic. I am not sure how the private proxy from chrome works. but on our side, we only see that lots of requests from the pre-fetches will have the same origin (e,g, IP etc.) which our automated traffic algorithm will then mark as automated. however, I could imagine that the algorithm will not work 100% correctly, i.e. some of the pre-fetches might appear as genuine traffic since they are not explicitly labeled as such and we are just applying the heuristics from the bot-detection algorithm.
  • Circle with DE and discuss about this

Had a meeting with @mforns where we saw that User traffic mimics automated traffic patterns and makes us wonder if pre-fetch is showing up as user and the cause for increases in user traffic as well.

image.png (371×1 px, 40 KB)

  1. we need to find a way to tag the prefetch proxy traffic. Ideally in webrequest and other derived pageview tables for easy analysis.
    • this is possible using the 'Sec-Purpose: prefetch; anonymous-client-ip' request header.
    • note that we would not want to change any of our existing dimensions (like agent_type) to indicate prefetch pageviews since this will break our reporting and has consequences on Superset dashboards. Instead find a way to store this in any existing field or create new field
  2. Simulate UA deprecation in non-Chrome browser and run bot pipeline (automated bot, or unique devices) to see the difference.
    • We will get the true number of unique devices; and simulating shows a change of x%
    • If its not, then this will be another piece of evidence that ua deprecation doesnt relate to inc in automated traffic. Confident to discard this hypothesis
    • If yes, then extrapolate for Chromium.
Milimetric added a comment.Sep 15 2023, 7:33 PM
  1. we need to find a way to tag the prefetch proxy traffic. Ideally in webrequest and other derived pageview tables for easy analysis.
    • this is possible using the 'Sec-Purpose: prefetch; anonymous-client-ip' request header.
    • note that we would not want to change any of our existing dimensions (like agent_type) to indicate prefetch pageviews since this will break our reporting and has consequences on Superset dashboards. Instead find a way to store this in any existing field or create new field

The choice here seems be be between categorizing these as automata or spider, because user is definitely not correct.

  • automata is more about automated user agents that we detect out of traffic patterns
  • spider is more about actual web crawlers. This might be a bit of a stretch but these are like real-time spiders, they're essentially pre-crawling the page to give their users a better experience. Of the available options, this seems the best. We could also add a new field, and we should think carefully either way.
mforns added a comment.Sep 22 2023, 4:44 PM

+1 spider

lbowmaker moved this task from Data Products & Metrics to Icebox (not considered in current quarter) on the Data-Engineering board.Nov 10 2023, 2:26 PM
Mayakp.wiki added a comment.Fri, Apr 5, 10:11 PM
  • Dig into our data on user traffic and how we’re segmenting traffic

We were able to look into our traffic and get stats on the amount of prefetch requests, thanks to the implementation in T346463

  • Connect with partnerships to do factfinding with Google

We met with Google on Mar 20, 2024 and were able to get some answers to our questions, but we need to follow up with them via email to decide on whether we should switch off the prefetch feature. see notes doc for more info

Mayakp.wiki renamed this task from Investigate relation of UA deprecation to increase in automated traffic and reduction in unique devices to Investigate relation of Prefetch feature to increase in automated traffic and impact on unique devices.Tue, Apr 23, 6:19 PM
Mayakp.wiki removed a project: Product-Analytics.
Mayakp.wiki updated the task description. (Show Details)
Mayakp.wiki added a comment.Tue, Apr 23, 6:24 PM

We are leaning towards switching off the Prefetch feature since the fraction of requests with no-cookies is 17.5% . numbers in the notebook (last cell)

According to the public documentation, if there is a cookie, a fetch happens, but is not used.

“Chrome currently restricts the usage of Private Prefetch Proxy to websites for which the user has no cookies or other local state. If there is a cookie for a resource, Chrome will make an uncredentialed fetch but will not use the response”

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL