Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Easyapache

Discussion in 'EasyApache' started by hostmedic, Oct 16, 2009.

  1. hostmedic

    hostmedic Well-Known Member

    Joined:
    Apr 30, 2003
    Messages:
    544
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Washington Court House, Ohio, United States
    cPanel Access Level:
    DataCenter Provider
    It seems that apache 2.2.11 and up do some strange things with mod_fcgi.
    In short The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).

    This is causing issues for a server.

    I am trying to figure out how - with Easy Apache we can choose a 2.2 version prior to 2.2.11

    any ideas?

    See http://security-tracker.debian.org/tracker/CVE-2009-1891

    and

    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=537922

    While they both state this is a debian bug - others are seeing this on apache.
    http://serverfault.com/questions/61787/modfcgid-process-doesnt-respawn

    My question here is not - how to fix the apache issue - but rather
    how can we pick another apache vs the one that it picks for us under the 2.2 option ?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 hostmedic, Oct 16, 2009
    Last edited: Oct 16, 2009
  2. hostmedic

    hostmedic Well-Known Member

    Joined:
    Apr 30, 2003
    Messages:
    544
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Washington Court House, Ohio, United States
    cPanel Access Level:
    DataCenter Provider
    more on the mod_fcgi issues

    Message from syslogd@ at Fri Oct 16 14:57:01 2009 ...
    share116 httpd[21840]: [emerg] (22)Invalid argument: mod_fcgid: can't get lock, pid: 21840
    Message from syslogd@ at Fri Oct 16 14:57:01 2009 ...
    share116 httpd[30138]: [emerg] mod_fcgid: server is restarted, 30138 must exit
    Message from syslogd@ at Fri Oct 16 14:57:04 2009 ...
    share116 httpd[29858]: [emerg] mod_fcgid: server is restarted, 29858 must exit
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,216
    Likes Received:
    10
    Trophy Points:
    313
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    EasyApache only offers the latest Apache 2.2, 2.0 and 1.3 versions. As of writing, the version of Apache 2.2 being offered is 2.2.14.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice