Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Apache too many process

Discussion in 'EasyApache' started by jameshsi, Jan 23, 2007.

  1. jameshsi

    jameshsi Well-Known Member

    Joined:
    Oct 22, 2001
    Messages:
    347
    Likes Received:
    0
    Trophy Points:
    316
    Hi!
    I just found my site shows very slow, and go to apache status in WHM to see the process went to 150, and many comes from some IPs from China, I got 2 thoughts:

    1. Ban all the IPs from China, using APF firewall.

    2. Is it possibile to use BFD+APF to ban those IPs try to continue to link my site's images ( I already set Hotlink Protection , but they just keep coming and coming), or try to keep post comments.

    Anyway, I need to find a way to lower down the apache process below to 150. Anyone can help ?


    Thanks.
     
  2. nwilkens

    nwilkens Well-Known Member

    Joined:
    May 4, 2006
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Monroe MI
    cPanel Access Level:
    DataCenter Provider
    From: http://www.redrage.net/index.php?iptables_asia_drops=y

    I'm sure you can adapt this for apf, or you can use this in conjunction for the time being.. Also, you may not want to log all of this, if it is coming too quickly..

    I haven;t validated the address range either..

    I am sure there are a number of other tactics, but this may help.


    ------------------------------------------------------
    ## Blocking Networks from the Asia Pacific Region.

    iptables -A INPUT -s 58.0.0.0/7 -j LOG --log-prefix "FIREWALL HIT JAPAN: "
    iptables -A INPUT -s 58.0.0.0/7 -j DROP
    iptables -A OUTPUT -d 58.0.0.0/7 -j DROP

    iptables -A INPUT -s 220.0.0.0/7 -j LOG --log-prefix "FIREWALL HIT JAPAN: "
    iptables -A INPUT -s 220.0.0.0/7 -j DROP
    iptables -A OUTPUT -d 220.0.0.0/7 -j DROP

    iptables -A INPUT -s 222.0.0.0/8 -j LOG --log-prefix "FIREWALL HIT JAPAN: "
    iptables -A INPUT -s 222.0.0.0/8 -j DROP
    iptables -A OUTPUT -d 222.0.0.0/8 -j DROP

    iptables -A INPUT -s 126.0.0.0/8 -j LOG --log-prefix "FIREWALL HIT JAPAN: "
    iptables -A INPUT -s 126.0.0.0/8 -j DROP
    iptables -A OUTPUT -d 126.0.0.0/8 -j DROP

    iptables -A INPUT -s 60.0.0.0/7 -j LOG --log-prefix "FIREWALL HIT CHINA: "
    iptables -A INPUT -s 60.0.0.0/7 -j DROP
    iptables -A OUTPUT -d 60.0.0.0/7 -j DROP

    iptables -A INPUT -s 218.0.0.0/7 -j LOG --log-prefix "FIREWALL HIT CHINA: "
    iptables -A INPUT -s 218.0.0.0/7 -j DROP
    iptables -A OUTPUT -d 218.0.0.0/7 -j DROP

    iptables -A INPUT -s 122.0.0.0/7 -j LOG --log-prefix "FIREWALL HIT THAILAND: "
    iptables -A INPUT -s 122.0.0.0/7 -j DROP
    iptables -A OUTPUT -d 122.0.0.0/7 -j DROP

    iptables -A INPUT -s 124.0.0.0/7 -j LOG --log-prefix "FIREWALL HIT KOREA: "
    iptables -A INPUT -s 124.0.0.0/7 -j DROP
    iptables -A OUTPUT -d 124.0.0.0/7 -j DROP

    iptables -A INPUT -s 121.0.0.0/8 -j LOG --log-prefix "FIREWALL HIT Austrailia: "
    iptables -A INPUT -s 121.0.0.0/8 -j DROP
    iptables -A OUTPUT -d 121.0.0.0/8 -j DROP

    iptables -A INPUT -s 169.208.0.0/12 -j LOG --log-prefix "FIREWALL HIT Austrailia: "
    iptables -A INPUT -s 169.208.0.0/12 -j DROP
    iptables -A OUTPUT -d 169.208.0.0/12 -j DROP

    iptables -A INPUT -s 202.0.0.0/7 -j LOG --log-prefix "FIREWALL HIT Austrailia: "
    iptables -A INPUT -s 202.0.0.0/7 -j DROP
    iptables -A OUTPUT -d 202.0.0.0/7 -j DROP

    iptables -A INPUT -s 210.0.0.0/7 -j LOG --log-prefix "FIREWALL HIT Austrailia: "
    iptables -A INPUT -s 210.0.0.0/7 -j DROP
    iptables -A OUTPUT -d 210.0.0.0/7 -j DROP
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. jameshsi

    jameshsi Well-Known Member

    Joined:
    Oct 22, 2001
    Messages:
    347
    Likes Received:
    0
    Trophy Points:
    316
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice