RE: [users@httpd] Apache in under attack. [EXT]

Thu, 14 Jan 2021 23:52:50 -0800 

The first place to look in this case is the size of the apache processes. Once 
the OP has got on top of this - then other issues can be investigated.

So process would be:
        1) Reduce number of modules in Apache (>100 at the moment) should be 
around 15-25 region;
        2) Look at memory usage;
        3) If high would also look to see which PHP packages have been 
installed;
        4) Once past these I would start looking at the actual attack and the 
particular requests;



-----Original Message-----
From: @lbutlr <krem...@kreme.com> 
Sent: 15 January 2021 06:37
To: users@httpd.apache.org
Subject: Re: [users@httpd] Apache in under attack. [EXT]

On 14 Jan 2021, at 04:48, Jason Long <hack3r...@yahoo.com.INVALID> wrote:
> Server have 4 CPU cores and 6GB of RAM.
> I pasted Apache configuration. In your opinion, which parts of servers must 
> be examine?

Throwing more resources at the problem is not likely to fix the problem. You 
need to figure out what is going on with your server and WHY it is taking so 
much time it is bogging down and WEHRE the slowdown is happening.

This is not something that someone can just say "Oh, it's this" because the 
problem is unique to your machine, your content, and your users.

I would start with those very suspicious (to me) looking URL requests 
containing dozens of digits of hex. Do those look like they are legitimate 
links to your server's web content?

Also, please stop top-posting and quoting the entire message thread below.

-- 
We are born naked, wet and hungry; then it's all downhill.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org



--
 The Wellcome Sanger Institute is operated by Genome Research
 Limited, a charity registered in England with number 1021457 and a
 company registered in England with number 2742969, whose registered
 office is 215 Euston Road, London, NW1 2BE.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Reply via email to