The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

MySQL abuse

Discussion in 'General Discussion' started by dchepishev, Apr 27, 2006.

  1. dchepishev

    dchepishev Well-Known Member
    PartnerNOC

    Joined:
    Oct 19, 2005
    Messages:
    52
    Likes Received:
    0
    Trophy Points:
    6
    Hi,

    I have cPanel server, MySQL 4.1 and php installed as cgi.
    I have one problem. Someone is abusing MySQL and I can not understand which user is doing this.
    From time to time MySQL spends too much time and the query count goes to 2-3000 queries per second. However I can not understand which user is doing this because the queries are not time consuming, but are really great number and when I execute they query " show processlist;"

    either I see few queries currently executed from different users or it takes 5-6 secs to execute the query and at the end i see that nobody is using mysql ;).
    Is there any statistic in mysql which can tell me the number of queries per user per hour or for the last 24h or something which I can use to catch the abuser ?
     
  2. web2corp

    web2corp Member

    Joined:
    Mar 28, 2006
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    How often do you notice this happening? 3000 queries per second is very high, but well within the abilities of mysql.

    I'm not sure how much control you have over this server (Dedicated box, VPS or shared) but you may want to look in to mtop. It's a tool much like top only it shows mysql usage. I am not aware of a way to see a history of queries by user.

    If you cannot install mtop, I would just wait until the load goes up again and the issue a show full processlist; That would show you the user and what they are doing. It sounds like these are selects. I have seen software out there cause brutal loads on SQL servers using selects (Alstrasoft eFriends, for example, 6,000 queries per second) so it may just be the user is using software like that and doesn't know he is brining your server to it's knees.
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    An alternative to running mytop might be to run:

    watch mysqladmin processlist

    Which will allow you to better monitor what is going on. Also, do make sure that you have inbound TCP port 3306 blocked in your firewall to be sure no-one is abusing their access to MySQL from another server.
     
  4. dchepishev

    dchepishev Well-Known Member
    PartnerNOC

    Joined:
    Oct 19, 2005
    Messages:
    52
    Likes Received:
    0
    Trophy Points:
    6
    This really will not do the job, because sometimes this happens every 10 sec for example and lasts for 2 secs. The process list just gives me a snapshot of the currenlty running queries. I can not say which of the users is abusing because the abusing queries are one after another not parallel and I see 3-4 users currently executing queries.
     
Loading...

Share This Page