Why did PostgreSQL choose a sequential scan even though my query has a WHERE clause?

The query planner chooses Seq Scan when no suitable index exists, or when table statistics are stale and the planner incorrectly estimates that a Seq Scan is cheaper. After creating your composite index, run `ANALYZE users;` to force a statistics refresh. If the planner still chooses Seq Scan after that, check if your WHERE clause columns match the index column order exactly — equality predicates must come before range predicates in the index definition.

Will CREATE INDEX lock my production table and cause downtime?

A standard `CREATE INDEX` acquires an `AccessExclusiveLock` — it blocks all reads and writes for the duration of the build, which on a 4M+ row table can be several minutes. Always use `CREATE INDEX CONCURRENTLY` in production. It takes longer to build and cannot run inside a transaction block, but it only acquires a weaker lock that does not block normal read/write operations.

How do I know which columns to include in the composite index?

Run `EXPLAIN (ANALYZE, BUFFERS) ` and look at the Filter and Index Cond lines. Columns in equality conditions (`=`) go first in the index. Columns in range conditions (`>`, `<`, `BETWEEN`, `LIKE 'prefix%'`) go last. If your query also has an `ORDER BY`, align the last index column's sort direction (`ASC`/`DESC`) with the ORDER BY direction to eliminate a sort step entirely.

How to Fix Slow PostgreSQL Sequential Scans on Large Tables: Missing Composite Index on WHERE Clause

Threat/Impact Level: HIGH | Exploitability/Downtime Risk: HIGH | Time to Fix: 15 mins

TL;DR

What broke: PostgreSQL is executing a full sequential scan on the users table — every row is being read for a query that should touch a fraction of them. Execution time: 5,400ms.
How to fix it: Create a composite index covering the exact columns in your WHERE clause (and optionally ORDER BY). Execution time drops to <50ms in most cases.
Fast path: Use our Client-Side Sandbox above to paste your slow query and schema — it will auto-generate the CREATE INDEX CONCURRENTLY statement and refactored query without sending your data anywhere.

The Incident (What Does the Error Mean?)

Your query planner output or APM tool is showing something like this:

Slow query detected
  Execution time : 5400ms
  Query          : SELECT * FROM users WHERE status = 'active' AND created_at > '2024-01-01'
  Plan node      : Seq Scan on users
  Estimated cost : 98432.00..184729.00
  Rows examined  : 4,200,000
  Rows returned  : 12,847

PostgreSQL's query planner chose a Seq Scan — it read all 4.2 million rows to return fewer than 13,000. This is not a query bug. This is the planner telling you it has no better option. The index it needs does not exist.

At 5.4 seconds, this query is already a user-facing latency event. Under concurrent load — 10 users hitting this endpoint simultaneously — you are looking at connection pool exhaustion and cascading timeouts across your entire application tier.

The Attack Vector / Blast Radius

This is not an isolated slow query. Here is the failure chain:

Query holds a transaction open for 5.4s. Any row-level locks acquired during this window block writes on users.
Connection pool saturation. If your pool ceiling is 20 connections (standard for PgBouncer in transaction mode), 4 concurrent slow queries consume 20% of capacity. At 10 concurrent, the pool queues. At 20 concurrent, your app throws connection timeout errors.
Autovacuum interference. A table being sequentially scanned this frequently generates dead tuple pressure. Autovacuum kicks in more aggressively, competing for I/O with your live queries.
Read replica lag. If you are streaming this query to a read replica, the replica's query executor is under identical pressure. Replication lag grows. Your replica-based reporting queries now return stale data.
The compounding effect. As the users table grows — and it will — this query does not degrade linearly. It degrades proportionally to row count. At 10M rows, you are at 12,000ms+.

The blast radius is your entire application availability, not just one slow endpoint.

How to Fix It (The Solution)

Basic Fix — Add the Composite Index

The rule for composite index column ordering: Equality predicates first, range predicates last.

For WHERE status = 'active' AND created_at > '2024-01-01', status is equality, created_at is range. Index column order: (status, created_at).

- -- No index. Planner falls back to Seq Scan. 4.2M rows examined.
- SELECT id, email, created_at
-   FROM users
-  WHERE status = 'active'
-    AND created_at > '2024-01-01'
-  ORDER BY created_at DESC;

+ -- Step 1: Create the index. CONCURRENTLY avoids a full table lock in production.
+ CREATE INDEX CONCURRENTLY idx_users_status_created_at
+     ON users (status, created_at DESC);
+
+ -- Step 2: Your query is unchanged. The planner now uses an Index Scan.
+ -- Rows examined drops from 4,200,000 to ~12,847. Execution time: <50ms.
+ SELECT id, email, created_at
+   FROM users
+  WHERE status = 'active'
+    AND created_at > '2024-01-01'
+  ORDER BY created_at DESC;

Verify the planner is using your index:

EXPLAIN (ANALYZE, BUFFERS, FORMAT TEXT)
SELECT id, email, created_at
  FROM users
 WHERE status = 'active'
   AND created_at > '2024-01-01'
 ORDER BY created_at DESC;
-- Look for: "Index Scan using idx_users_status_created_at" in the output.
-- Seq Scan in the output after index creation = statistics are stale. Run: ANALYZE users;

Enterprise Best Practice — Partial Index + Covering Index

If status = 'active' is a low-cardinality, high-frequency filter (e.g., 90% of your queries only ever query active users), a partial index is smaller, faster to build, and cheaper to maintain:

- -- Generic composite index. Indexes ALL status values including 'deleted', 'banned', 'pending'.
- -- Index size: ~800MB on 4.2M rows.
- CREATE INDEX idx_users_status_created_at
-     ON users (status, created_at DESC);

+ -- Partial index. Only indexes rows WHERE status = 'active'.
+ -- Index size: ~180MB. Faster lookups. Lower write amplification on INSERT/UPDATE.
+ CREATE INDEX CONCURRENTLY idx_users_active_created_at
+     ON users (created_at DESC)
+  WHERE status = 'active';
+
+ -- Covering index variant: include 'email' to enable Index-Only Scan.
+ -- Eliminates heap fetches entirely for this query pattern.
+ CREATE INDEX CONCURRENTLY idx_users_active_created_at_covering
+     ON users (created_at DESC)
+  INCLUDE (id, email)
+  WHERE status = 'active';

When to use a covering index (INCLUDE): When your SELECT list columns are not part of the index key but are fetched in every query. PostgreSQL can satisfy the entire query from the index without touching the heap. On a table with a high dead-tuple ratio, this is a significant win.

Set work_mem appropriately for sort operations:

-- Session-level for this query if ORDER BY is still slow post-index:
SET work_mem = '64MB';

💡 Tired of pasting proprietary configs into ChatGPT? Generic AI tools log your company's ARNs, DB strings, and private keys. StackEngine is a zero-backend, pure Client-Side WASM utility. Drop your failing config into the sandbox above. We redact your secrets locally in the browser and auto-generate the refactored code using your own API key.

Prevention in CI/CD

A missing index in production means it passed code review, passed staging, and passed your deployment pipeline. Seal all three gaps:

1. Enforce query analysis in your migration pipeline.

Use pganalyze or squawk as a CI linter on every .sql migration file:

# .github/workflows/db-lint.yml
- name: Lint SQL migrations with Squawk
  run: |
    squawk migrations/*.sql
    # Squawk flags: missing-index, ban-drop-column, require-concurrent-index

2. Detect slow queries automatically in production.

Enable pg_stat_statements and alert on queries exceeding your SLO threshold:

-- Enable once per cluster:
CREATE EXTENSION IF NOT EXISTS pg_stat_statements;

-- Query to surface your top offenders (run this NOW):
SELECT query,
       calls,
       round(mean_exec_time::numeric, 2) AS mean_ms,
       round(total_exec_time::numeric, 2) AS total_ms
  FROM pg_stat_statements
 WHERE mean_exec_time > 1000  -- queries averaging over 1 second
 ORDER BY mean_exec_time DESC
 LIMIT 20;

3. Block sequential scans on large tables in staging.

-- Force the planner to avoid Seq Scans in your staging/CI environment.
-- Any query that would Seq Scan a large table will error, forcing dev attention.
SET enable_seqscan = OFF;  -- Session or per-database in postgresql.conf for staging only.

4. Add index coverage checks to your ORM layer.

If you use Django, Rails, or Prisma — configure query logging with a threshold and treat slow query log entries as build failures in your staging smoke test suite. A 5-second query that reaches production is a process failure, not just a performance issue.