The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Easyapache

Discussion in 'EasyApache' started by hostmedic, Oct 16, 2009.

  1. hostmedic

    hostmedic Well-Known Member

    Joined:
    Apr 30, 2003
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Washington Court House, Ohio, United States
    cPanel Access Level:
    DataCenter Provider
    It seems that apache 2.2.11 and up do some strange things with mod_fcgi.
    In short The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).

    This is causing issues for a server.

    I am trying to figure out how - with Easy Apache we can choose a 2.2 version prior to 2.2.11

    any ideas?

    See http://security-tracker.debian.org/tracker/CVE-2009-1891

    and

    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=537922

    While they both state this is a debian bug - others are seeing this on apache.
    http://serverfault.com/questions/61787/modfcgid-process-doesnt-respawn

    My question here is not - how to fix the apache issue - but rather
    how can we pick another apache vs the one that it picks for us under the 2.2 option ?
     
    #1 hostmedic, Oct 16, 2009
    Last edited: Oct 16, 2009
  2. hostmedic

    hostmedic Well-Known Member

    Joined:
    Apr 30, 2003
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Washington Court House, Ohio, United States
    cPanel Access Level:
    DataCenter Provider
    more on the mod_fcgi issues

    Message from syslogd@ at Fri Oct 16 14:57:01 2009 ...
    share116 httpd[21840]: [emerg] (22)Invalid argument: mod_fcgid: can't get lock, pid: 21840
    Message from syslogd@ at Fri Oct 16 14:57:01 2009 ...
    share116 httpd[30138]: [emerg] mod_fcgid: server is restarted, 30138 must exit
    Message from syslogd@ at Fri Oct 16 14:57:04 2009 ...
    share116 httpd[29858]: [emerg] mod_fcgid: server is restarted, 29858 must exit
     
  3. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    EasyApache only offers the latest Apache 2.2, 2.0 and 1.3 versions. As of writing, the version of Apache 2.2 being offered is 2.2.14.
     
Loading...

Share This Page