The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Too much connections from 127.0.0.1

Discussion in 'General Discussion' started by maxo-tt, Dec 30, 2012.

  1. maxo-tt

    maxo-tt Member

    Joined:
    Dec 22, 2012
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    hello people. i have one big problem that cant fix with myself. searched google but nothing found...

    so time to time(not usualy the same time or same interval) i'm getting about 300 connection from 127.0.0.1 and apache hangs till i restart it...

    i use this command to count connections per ip.
    Code:
    netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
    may it be ddos attack? if so, how it may be connections from localhost?

    that's my apache2 config. any idea?
    Code:
    Timeout 30
    TraceEnable Off
    ServerSignature Off
    ServerTokens ProductOnly
    FileETag None
    StartServers 10
    <IfModule prefork.c>
    MinSpareServers 5
    MaxSpareServers 30
    </IfModule>
    ServerLimit 600
    MaxClients 600
    MaxRequestsPerChild 0
    KeepAlive Off
    KeepAliveTimeout 2
    MaxKeepAliveRequests 100
    
    

    system:
    WHM 11.34.1 (build 5)
    Centos 6.3
    Apache/2.2.23

    server: 2X xeon x5570 Ram: 24GB
     
    #1 maxo-tt, Dec 30, 2012
    Last edited: Dec 30, 2012
  2. cPanelJared

    cPanelJared Technical Analyst
    Staff Member

    Joined:
    Feb 25, 2010
    Messages:
    1,842
    Likes Received:
    18
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Are you by chance using any kind of caching or proxy system, anything like nginx?
     
  3. maxo-tt

    maxo-tt Member

    Joined:
    Dec 22, 2012
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    no, nothing at all. i have just installed cpanel and nothing more... almost everything default... just installe some security modules from EasyApache and increased some apache settings...

    p.s

    apache loaded modules:
    Code:
    Loaded Modules:
     core_module (static)
     authn_file_module (static)
     authn_default_module (static)
     authz_host_module (static)
     authz_groupfile_module (static)
     authz_user_module (static)
     authz_default_module (static)
     auth_basic_module (static)
     include_module (static)
     filter_module (static)
     deflate_module (static)
     log_config_module (static)
     logio_module (static)
     env_module (static)
     expires_module (static)
     headers_module (static)
     unique_id_module (static)
     setenvif_module (static)
     version_module (static)
     proxy_module (static)
     proxy_connect_module (static)
     proxy_ftp_module (static)
     proxy_http_module (static)
     proxy_scgi_module (static)
     proxy_ajp_module (static)
     proxy_balancer_module (static)
     ssl_module (static)
     mpm_prefork_module (static)
     http_module (static)
     mime_module (static)
     status_module (static)
     autoindex_module (static)
     asis_module (static)
     info_module (static)
     suexec_module (static)
     cgi_module (static)
     negotiation_module (static)
     dir_module (static)
     actions_module (static)
     userdir_module (static)
     alias_module (static)
     rewrite_module (static)
     so_module (static)
     qos_module (shared)
     frontpage_module (shared)
     bwlimited_module (shared)
     auth_passthrough_module (shared)
     fastinclude_module (shared)
     suphp_module (shared)
     security2_module (shared)
    
    maybe you talking about apache2 proxy module?

    they were activated by default. i'll disable it...
    Code:
     proxy_module (static)
     proxy_connect_module (static)
     proxy_ftp_module (static)
     proxy_http_module (static)
     proxy_scgi_module (static)
     proxy_ajp_module (static)
     proxy_balancer_module (static)
    
     
    #3 maxo-tt, Jan 1, 2013
    Last edited: Jan 1, 2013
  4. cPanelJared

    cPanelJared Technical Analyst
    Staff Member

    Joined:
    Feb 25, 2010
    Messages:
    1,842
    Likes Received:
    18
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    I was not referring to Apache's mod_proxy. I was referring to nginx and other third-party caching and proxy systems that do not come with cPanel but our customers sometimes install.

    mod_proxy needs to be enabled in order for cPanel's proxy subdomains (whm.domain.tld, cpanel.domain.tld, webmail.domain.tld) to work, which is why it is enabled by default. I apologize for any confusion, but it is not what I was trying to ask about.

    We would be happy to take a look to see if anything in cPanel is causing the connections from 127.0.0.1, if you submit a ticket.
     
  5. maxo-tt

    maxo-tt Member

    Joined:
    Dec 22, 2012
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    yes, i've disabledmod_proxy but the same again...

    i noticed that mod_prefork causes this hang. 2 days ago i've switched to mod_worker, and got good uptime. no crash.

    then i returned to prefork, and apache started crash. now using worker.. but worker needs more resource ....

    i'll submit a ticket asap.

    i did it
    Request Id:3595683


    p.s
    i did custom script that checks apache and restarts if hang. sends also mail. works so...
    Code:
    if ( wget --timeout=7 --tries=1 http://localhost/robots.txt )
    thats log to see hang interval

    [​IMG]
     
    #5 maxo-tt, Jan 4, 2013
    Last edited: Jan 4, 2013
Loading...

Share This Page