APACHE -- crashing a system

BurtonHost

Member
May 8, 2002
11
0
301
Was running TOP and saw it happen - one process of apache uses all the processor and memory up, uses all the ram, all the swap, the load goes so high the server just crashes.. Can't find an explanation for this in the logs and I kept restarting apache and it would do it. Then, after a while it stopped and it's been fine since..

I'm told it was most probably the Apache exploit discovered but have to wait for a patch to be released by cPanel to update it..

Anyone else experienced this? Any solutions?

Thanks
 

norm

Well-Known Member
Apr 23, 2002
53
0
306
Find the PID of the process and compare it to server-status and see which website is responsible.

You may have a client running a resource intensive script
 

BurtonHost

Member
May 8, 2002
11
0
301
Thing is you can't catch it in time.. as soon as the apache process goes wild you cna't issue any command without a major lag as all teh processors, ram and swap get eaten in a matter of seconds...

I've been recommended to format and reinstall..
 

Mat

Well-Known Member
Sep 26, 2001
55
0
306
Right after it happens, turn off apache, and then look at the access logs, and see the last scripts executed, and track it down that way.. :D

You don't need to format..
 

BurtonHost

Member
May 8, 2002
11
0
301
Be careful of loops in PHP scripts.. they kill your server if you set it infinite.. and that's a guarantee..
The Apache memory limit is ineffective.
 

moronhead

Well-Known Member
Aug 12, 2001
706
0
316
[quote:b04cd2051d][i:b04cd2051d]Originally posted by BurtonHost[/i:b04cd2051d]

Be careful of loops in PHP scripts.. they kill your server if you set it infinite.. and that's a guarantee..[/quote:b04cd2051d]
BurtonHost, you're quite right on this. Do you know of any protection against this?
 

BurtonHost

Member
May 8, 2002
11
0
301
Well, I thought Limit apache memory was meant to sort this, but the script as soon as it was run just kept on going, and ate up all the ram, swap and processor.. so nothing would work on the server.. and you couldn't login to SSH for ages until it eventually freed some processor.

I'm hoping there will be something produced for protection against this..

I can give you a copy of the script if you would like.. and you can see it kill your server.