The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[MaxClients]

Discussion in 'General Discussion' started by flashhosts, Oct 18, 2002.

  1. flashhosts

    flashhosts Active Member

    Joined:
    Sep 1, 2002
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    6
    IMPORTANT: Do not ignore this email.
    Apache has reached the MaxClients
    limit. cPanel has increased the MaxClients limit to 160 (10 higher).

    You may wish to suspend the user with the largest access log as they
    are generally the person using up all of the avalible connections. However, your should
    have your system admin verify this first.



    Never had this before, what does it mean, what should I do.
     
  2. knipper

    knipper Well-Known Member

    Joined:
    Sep 4, 2001
    Messages:
    107
    Likes Received:
    0
    Trophy Points:
    16
    I just got this a few minutes ago as well. It included the accounts with the three largest logs.

    Any input?
     
  3. mina

    mina Member

    Joined:
    Mar 3, 2002
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    I received the same email also- twice a day!
    Each time several &client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /& errors were recorded.

    Seems it is caused not because of top 3 user but because of some linux worm's attack...
    Any protection against this?
     
  4. Jammer2020

    Jammer2020 Member

    Joined:
    Jul 13, 2002
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    It is a worm because we have been getting this as of today on a box that is not even hosting any accounts yet..
     
  5. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Spain
    [quote:b59df4b995][i:b59df4b995]Originally posted by mina[/i:b59df4b995]
    I received the same email also- twice a day!
    Each time several &client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /& errors were recorded.
    Seems it is caused not because of top 3 user but because of some linux worm's attack...
    Any protection against this?[/quote:b59df4b995]

    Same here - this is getting rather annoying, and increasing MaxClients not only does not solve the problem, but makes it worse the next time it happens.

    We have Apache 1.3.27 and ServerTokens Prod set.
     
  6. netarus

    netarus Well-Known Member

    Joined:
    Oct 27, 2002
    Messages:
    105
    Likes Received:
    0
    Trophy Points:
    16
    How do you prevent it?
     
  7. Annette

    Annette Well-Known Member
    PartnerNOC

    Joined:
    Aug 12, 2001
    Messages:
    445
    Likes Received:
    0
    Trophy Points:
    16
    nt
     
  8. itf

    itf Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    624
    Likes Received:
    0
    Trophy Points:
    16
    This is not a worm that causes denial of service by reaching the Maximum clients in Apache, it is a kind of DoS attack usually by &Script Kiddies Attack& I wrote in another thread how to protect yourself,

    thread: http://forums.cpanel.net/read.php?TID=5583

    the post that I wrote how-to prevent from those attacks:
    http://forums.cpanel.net/read.php?TID=5583&page=2#24310
     
  9. Annette

    Annette Well-Known Member
    PartnerNOC

    Joined:
    Aug 12, 2001
    Messages:
    445
    Likes Received:
    0
    Trophy Points:
    16
    nt
     
  10. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    Anyone know if this might be of help in this situation? http://hogwash.sourceforge.net/
     
  11. pingo

    pingo Well-Known Member

    Joined:
    Nov 16, 2002
    Messages:
    430
    Likes Received:
    0
    Trophy Points:
    16
    Annette, why are you saying nt? I'm just curious, what does it mean?

    John
     
  12. alwaysweb

    alwaysweb Well-Known Member

    Joined:
    Mar 8, 2002
    Messages:
    97
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Dallas, TX
    cPanel Access Level:
    Root Administrator
    ITF, might want to update your links -- Since cpanel forums went to vbulletin, your links are 404.
     

Share This Page