<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Marcello,<br>
<br>
You can limit the number of httpd processes by editing
/etc/httpd/conf/httpd.conf. Find the section for the prefork MPM
configuration and change the line:<br>
<br>
ServerLimit 256<br>
<br>
This line sets the max number of copies of apache that will be
started. Set that to a lower number and restart httpd. The
number to choose depends on your RAM.<br>
<br>
You can run, "tail -f /var/log/httpd/access_log
/var/log/httpd/error_log" to watch what is happening. If it looks
malicious and if the malicious behavior is coming from a few IP
addresses, you can block them using iptables. This has
instructions on how to do that:
<a class="moz-txt-link-freetext" href="http://www.cyberciti.biz/faq/linux-iptables-drop/">http://www.cyberciti.biz/faq/linux-iptables-drop/</a>. Be sure you do
not block yourself!<br>
<br>
If the problem is not caused by malicious behavior but by
something like an overactive web crawler, you should consider
turning on keep-alives. This will let a client reuse a connection
for several requests rather than making a new connection for each
request. If you run, "netstat -na|grep TIME_WAIT|wc -l" and get a
large number, turning on keep-alives will usually help. (The
TIME_WAIT state is used while a connection is closing.)<br>
<br>
To turn on keep-alives, edit /etc/httpd/conf/httpd.conf and change
"KeepAlive Off" to "KeepAlive On". I suggest also setting the
timeout to a lower number, perhaps, "KeepAliveTimeout 5". Once
you have made your changes, restart httpd.<br>
<br>
Good luck!<br>
<br>
Eric Peabody<br>
<br>
<br>
On 5/18/13 7:20 AM, Marcello Torchio wrote:<br>
</div>
<blockquote
cite="mid:CAPREzeCirJ0VR7WXoha5JC9bOKyO5ENzupcWO-xiY0dOmtD7OQ@mail.gmail.com"
type="cite">
<div dir="ltr">Hi,
<div><br>
</div>
<div>i'm having trouble with my BO server.</div>
<div><br>
</div>
<div style="">Few minutes ago one of my customer contact me
saying that his website was down.</div>
<div style=""><br>
</div>
<div style="">
I've connected to server through SSH and i was unable to
restart httpd.</div>
<div style=""><br>
</div>
<div style="">There were 3 httpd processes "froze"</div>
<div style=""><br>
</div>
<div style="">So i'v done kill -9 PID and restarted httpd</div>
<div style=""><br>
</div>
<div style="">All works fine.</div>
<div style=""><br>
</div>
<div style=""><br>
</div>
<div style="">The problem is that if I restart httpd all the
memory (RAM) will be completely used.</div>
<div style=""><br>
</div>
<div style="">
running top from terminal says that there are a lot op httpd
processes, responsible of that big RAM usage.</div>
<div style=""><br>
</div>
<div style="">Is there any kind of DoS attack?</div>
<div style=""><br>
</div>
<div style="">What can i do?</div>
<div style=""><br>
</div>
<div style="">Thanks</div>
<div style=""><br>
</div>
<div style="">Marcello</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Blueonyx mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Blueonyx@mail.blueonyx.it">Blueonyx@mail.blueonyx.it</a>
<a class="moz-txt-link-freetext" href="http://mail.blueonyx.it/mailman/listinfo/blueonyx">http://mail.blueonyx.it/mailman/listinfo/blueonyx</a>
</pre>
</blockquote>
<br>
</body>
</html>