For the past few months I've been experiencing General Protection Errors.
Recently, they have began coupling with Segmentation Faults.
They seem to come the most, when I work on my site (I use WinSCP for ftp transfers & putty for command line... both connect under the SSH port.)
Initially, I suspected these errors were due to my php installation. Php has been reinstalled/recompiled with no success.
I've had my data center do quick & extended hard disk scans; came up clean.
Here is an example of the error:
My site loads pretty fast.. it's on a dedicated server with only 1 other site. Average memory usage (according to cpanel) is 20-25% any time of the day. Load averages at 0.05-0.40
99% of the time these errors occur, I am online doing something on the site. Be it working on it, browsing, etc. whatever... I never notice any service interruptions whatsoever.
Apache Version: 1.3.41
OS: Linux
Kernel: 2.6.9-67.0.15.ELsmp
Architecture: x86_64
PHP: 5.2.6
Cpanel: 11.23.3-RELEASE
Last night I upgraded to Apache 2.2.9 to see if they persist.
So far, not a single error since upgrading... but I haven't logged into SSH since 5am (until now, about 15 minutes ago).
Wondering if there is a possible connection between the shell bomb protection.
Could my ssh client (WinSCP) be requesting too much memory, and the protection is limiting it? I do frequently receive timeouts & errors from the WinSCP client after leaving it idle.
Recently, they have began coupling with Segmentation Faults.
They seem to come the most, when I work on my site (I use WinSCP for ftp transfers & putty for command line... both connect under the SSH port.)
Initially, I suspected these errors were due to my php installation. Php has been reinstalled/recompiled with no success.
I've had my data center do quick & extended hard disk scans; came up clean.
Here is an example of the error:
I'm continuously analyzing my access logs and timestamps, trying to locate a connection to a php script.. nothing matches. Different script everytime and sometimes at the very second of the timestamp, there isn't a click on my site.segfaults:
Jun 28 00:42:53 host sshd(pam_unix)[16319]: session opened for user myusername by (uid=0)
Jun 28 00:44:24 host kernel: php-cgi[16560] general protection rip:7800d8 rsp:7fbfffede0 error:0
Jun 28 00:44:28 host kernel: php-cgi[16584] general protection rip:7800d8 rsp:7fbfffee20 error:0
Jun 28 00:53:38 host kernel: php-cgi[18870]: segfault at 0000002ab5357920 rip 00000000007800d8 rsp 0000007fbfffee00 error 4
Jun 28 00:54:24 host kernel: php-cgi[18932] general protection rip:7800d8 rsp:7fbfffee40 error:0
Jun 28 00:57:14 host sshd(pam_unix)[14600]: session closed for user myusername
Jun 28 00:57:58 host sshd(pam_unix)[19223]: session opened for user myusername by (uid=0)
Jun 28 05:46:21 host kernel: php-cgi[30423]: segfault at 0000002ab5357920 rip 00000000007800d8 rsp 0000007fbfffee30 error 4
Jun 28 05:49:22 host sshd(pam_unix)[30539]: session opened for user root by (uid=0)
Jun 28 05:49:28 host sshd(pam_unix)[30571]: session opened for user root by (uid=0)
protection faults:
Jun 27 02:09:35 host named[2992]: lame server resolving 'backup-blabla.net' (in 'blabla.net'?): ipstuffbla#53
Jun 27 02:11:01 host kernel: php-cgi[6825] general protection rip:7800d8 rsp:7fbfffee00 error:0
Jun 27 02:11:06 host kernel: php-cgi[6839] general protection rip:7800d8 rsp:7fbfffee50 error:0
Jun 27 02:12:45 host named[2992]: lame server resolving 'ns2.blabla.net' (in 'blabla.net'?): ipstuffbla#53
Jun 28 00:42:53 host sshd(pam_unix)[16319]: session opened for user myusername by (uid=0)
Jun 28 00:44:24 host kernel: php-cgi[16560] general protection rip:7800d8 rsp:7fbfffede0 error:0
Jun 28 00:44:28 host kernel: php-cgi[16584] general protection rip:7800d8 rsp:7fbfffee20 error:0
Jun 28 00:53:38 host kernel: php-cgi[18870]: segfault at 0000002ab5357920 rip 00000000007800d8 rsp 0000007fbfffee00 error 4
Jun 28 00:54:24 host kernel: php-cgi[18932] general protection rip:7800d8 rsp:7fbfffee40 error:0
Jun 28 00:57:14 host sshd(pam_unix)[14600]: session closed for user myusername
Jun 28 00:57:58 host sshd(pam_unix)[19223]: session opened for user myusername by (uid=0)
Jun 28 05:28:39 host sshd(pam_unix)[27139]: session closed for user myusername
Jun 28 05:28:52 host kernel: php-cgi[25720] general protection rip:7800d8 rsp:7fbfffee40 error:0
My site loads pretty fast.. it's on a dedicated server with only 1 other site. Average memory usage (according to cpanel) is 20-25% any time of the day. Load averages at 0.05-0.40
99% of the time these errors occur, I am online doing something on the site. Be it working on it, browsing, etc. whatever... I never notice any service interruptions whatsoever.
Apache Version: 1.3.41
OS: Linux
Kernel: 2.6.9-67.0.15.ELsmp
Architecture: x86_64
PHP: 5.2.6
Cpanel: 11.23.3-RELEASE
Last night I upgraded to Apache 2.2.9 to see if they persist.
So far, not a single error since upgrading... but I haven't logged into SSH since 5am (until now, about 15 minutes ago).
Wondering if there is a possible connection between the shell bomb protection.
Could my ssh client (WinSCP) be requesting too much memory, and the protection is limiting it? I do frequently receive timeouts & errors from the WinSCP client after leaving it idle.
Last edited: