The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Apache Instantly Spawning

Discussion in 'EasyApache' started by abusedreality, Nov 24, 2004.

  1. abusedreality

    abusedreality Well-Known Member

    Joined:
    Apr 15, 2003
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Hello,

    Every time I start apache it is instantly spawing from 1 process upto 152 in under 10 seconds, Below I have pasted an example of what I mean. I would like to note this is a new server and has 14 accounts MAXIMUM none of which use cpu, Most of them are blank pages so this is not good.

    Opinions anyone?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    You're most likely under a DOS attack.

    You could try installing mod_dosevasive, or you could do the following:

    1. Install an iptables firewall such as APF (if you're on Linux).

    2. Temporarily block port 80 and watch your log file /var/log/messages for the IP address that's causing the problems. Unblock port 80 and stick that IP address permanently in the firewall.

    There are many other ways of doing this, but it should help you identify the culprit, if it is a DOS.
     
  3. abusedreality

    abusedreality Well-Known Member

    Joined:
    Apr 15, 2003
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Well, Its been going since yesterday.

    Yep, Already installed

    <IfModule mod_dosevasive.c>
    DOSHashTableSize 3097
    DOSPageCount 2
    DOSSiteCount 50
    DOSPageInterval 1
    DOSSiteInterval 1
    DOSBlockingPeriod 10
    DOSSystemCommand "/usr/local/sbin/apf -d %s"
    </IfModule>

    Will give the other option a try, However shouldn't it affect the cpu load of the server if its a ddos attack, as at the moment cpu is

     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Not necessarily. If Apache is being swamped with connections it simply stops serving pages. Are you still able to browse to your sites on the server when this is happening?
     
  5. GOT

    GOT Get Proactive!

    Joined:
    Apr 8, 2003
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Norfolk, VA
    cPanel Access Level:
    DataCenter Provider
    What is teh result of:

    netstat -n | grep :80 | wc
     
Loading...

Share This Page