[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Sign-in]  [Mail]  [Setup]  [Help] 

Status: Not Logged In; Sign In

Mike Thune calls Netanyahu First

Former CIA Agent "Iran's plot to kill Trump doesn't ADD UP"

Trump Nominates RFK Jr. For HHS Secretary

Tyrus: I wish this was a joke, but it's not

The free world’s most potent weapons against China have been crippled

The free world’s most potent weapons against China have been crippled

GOD BLESS THE USA - TRUMP MUSIC VIDEO

Landmark flight: US tanker refuels Russian jets in Malaysia

AIex Jones Studio Seized! lnfowars Website Pulled From Internet! But He's NOT Going Away!

Gutfeld: This was Kamala's Achilles' heel

BREAKING! DEEP STATE SWAMP RATS TRYING TO SABOTAGE TRUMP FROM THE INSIDE | Redacted w Clayton Morris [Livestream in progress]

The Media Flips Over Tulsi & Matt Gaetz, Biden & Trump Take A Pic, & Famous People Leave Twitter!

4 arrested in California car insurance scam: 'Clearly a human in a bear suit'

Silk Road Founder Trusts Trump To 'Honor His Pledge' For Commutation

"You DESERVED to LOSE the Senate, the House, and the Presidency!" - Jordan Peterson

"Grand Political Theatre"; FBI Raids Home Of Polymarket CEO; Seize Phone, Electronics

Schoolhouse Limbo: How Low Will Educators Go To Better Grades?

BREAKING: U.S. Army Officers Made a Desperate Attempt To Break Out of The Encirclement in KURSK

Trumps team drawing up list of Pentagon officers to fire, sources say

Israeli Military Planning To Stay in Gaza Through 2025

Hezbollah attacks Israeli army's Tel Aviv HQ twice in one day

People Can't Stop Talking About Elon's Secret Plan For MSNBC And CNN Is Totally Panicking

Tucker Carlson UNLOADS on Diddy, Kamala, Walz, Kimmel, Rich Girls, Conspiracy Theories, and the CIA!

"We have UFO technology that enables FREE ENERGY" Govt. Whistleblowers

They arrested this woman because her son did WHAT?

Parody Ad Features Company That Offers to Cryogenically Freeze Liberals for Duration of TrumpÂ’s Presidency

Elon and Vivek BEGIN Reforming Government, Media LOSES IT

Dear Border Czar: This Nonprofit Boasts A List Of 400 Companies That Employ Migrants

US Deficit Explodes: Blowout October Deficit Means 2nd Worst Start To US Fiscal Year On Record

Gaetz Resigns 'Effective Immediately' After Trump AG Pick; DC In Full Blown Panic


Miscellaneous
See other Miscellaneous Articles

Title: Today's Outage
Source: [None]
URL Source: [None]
Published: Dec 25, 2009
Author: Neil
Post Date: 2009-12-25 21:25:57 by Pinguinite
Keywords: None
Views: 305
Comments: 25

Today the server went down after hundreds of requests came in for various pages within about 38 seconds. The offending IP address is already known on the net as a "comment spammer" though it cannot actually post here.

Apache (the web serving program) already has settings to limit the number of requests it will try to service at one time, and today I've reduced that from 150 to 50. I'm not sure exactly what the optimal setting should be, but if it's too low I'll see warnings about the limit being hit. 150 apparently is never hit. If it is too low then the worst case scenario is a bit slower response time during peak activity. In time I should find the optimal setting.

Good chance though that no one will notice anything different, except perhaps fewer occurances of outages.

It's more ideal to set a limit on the number of requests from a single IP address that Apache would handle but I don't know yet if Apache has that ability.

Post Comment   Private Reply   Ignore Thread  


TopPage UpFull ThreadPage DownBottom/Latest

#1. To: Pinguinite (#0)

Thanks for the explanation of the glitch this afternoon.

Any idea what went wrong with 4Oline?

Lod  posted on  2009-12-25   21:40:50 ET  Reply   Trace   Private Reply  


#2. To: Pinguinite (#0)

Good chance though that no one will notice anything different, except perhaps fewer occurances of outages.

good!

christine  posted on  2009-12-25   22:03:17 ET  Reply   Trace   Private Reply  


#3. To: Lod (#1)

Any idea what went wrong with 4Oline?

4umOffline? No idea. I don't host that.

Pinguinite  posted on  2009-12-25   22:04:16 ET  Reply   Trace   Private Reply  


#4. To: christine (#2) (Edited)

"An education isn't how much you have committed to memory, or even how much you know. It's being able to differentiate between what you know and what you don't. ~ Anatole France

Original_Intent  posted on  2009-12-25   22:08:25 ET  Reply   Trace   Private Reply  


#5. To: Original_Intent (#4)

Astute?

Hardly.

I just try and report what goes on here.

Lod  posted on  2009-12-25   22:12:53 ET  Reply   Trace   Private Reply  


#6. To: Lod (#5)

Roger.

"An education isn't how much you have committed to memory, or even how much you know. It's being able to differentiate between what you know and what you don't. ~ Anatole France

Original_Intent  posted on  2009-12-25   22:14:42 ET  Reply   Trace   Private Reply  


#7. To: Pinguinite (#3)

To me, this is illogical -

It could just be me.

#2. To: Pinguinite (#0)

Good chance though that no one will notice anything different, except perhaps fewer occurances of outages.

good!

christine posted on 2009-12-25 22:03:17 ET Reply Trace Private Reply #3. To: Lod (#1)

Any idea what went wrong with 4Oline?

4umOffline? No idea. I don't host that.

Pinguinite posted on 2009-12-25 22:04:16 ET Reply Trace Private Reply #4. To: christine (#2) (Edited)

"An education isn't how much you have committed to memory, or even how much you know. It's being able to differentiate between what you know and what you don't. ~ Anatole France

Original_Intent posted on 2009-12-25 22:08:25 ET Reply Trace Private Reply #5. To: Original_Intent (#4)

Astute?

Hardly.

I just try and report what goes on here.

Lod posted on 2009-12-25 22:12:53 ET Reply Trace Private Reply Edit

Lod  posted on  2009-12-25   22:16:52 ET  Reply   Trace   Private Reply  


#8. To: Pinguinite (#0)

The offending IP address is already known on the net as a "comment spammer" though it cannot actually post here.

Why not?

Itistoolate  posted on  2009-12-25   23:04:41 ET  Reply   Trace   Private Reply  


#9. To: Itistoolate (#8)

Because the spam engine doesn't have an account here to post. To get one it needs to register, and that's what the "captchga" thing is for when you register. Prevents bots from signing up for accounts. (It used to be a problem before that was installed).

Pinguinite  posted on  2009-12-25   23:47:29 ET  Reply   Trace   Private Reply  


#10. To: Pinguinite (#9)

Roger that.

Lod  posted on  2009-12-25   23:54:04 ET  Reply   Trace   Private Reply  


#11. To: Pinguinite (#0) (Edited)

It's more ideal to set a limit on the number of requests from a single IP address that Apache would handle but I don't know yet if Apache has that ability.

You could block it completely, Neil. You're running 2.2.8? BTW, links don't work as I just copied the relative URLs:

Access control by host

If you wish to restrict access to portions of your site based on the host address of your visitors, this is most easily done using mod_authz_host.

The Allow and Deny directives let you allow and deny access based on the host name, or host address, of the machine requesting a document. The Order directive goes hand-in-hand with these two, and tells Apache in which order to apply the filters.

The usage of these directives is:

Allow from address

where address is an IP address (or a partial IP address) or a fully qualified domain name (or a partial domain name); you may provide multiple addresses or domain names, if desired.

For example, if you have someone spamming your message board, and you want to keep them out, you could do the following:

Deny from 10.252.46.165

Visitors coming from that address will not be able to see the content covered by this directive. If, instead, you have a machine name, rather than an IP address, you can use that.

Deny from host.example.com

And, if you'd like to block access from an entire domain, you can specify just part of an address or domain name:

Deny from 192.168.205

Deny from phishers.example.com moreidiots.example
Deny from ke

Using Order will let you be sure that you are actually restricting things to the group that you want to let in, by combining a Deny and an Allow directive:

Order deny,allow
Deny from all
Allow from dev.example.com

Listing just the Allow directive would not do what you want, because it will let folks from that host in, in addition to letting everyone in. What you want is to let only those folks in.

Eff the Bankers

bluegrass  posted on  2009-12-25   23:59:16 ET  Reply   Trace   Private Reply  


#12. To: bluegrass (#11)

Great!

Just what I would have advised.

Big ;-)

Whatever makes it work - thanks much.

Lod  posted on  2009-12-26   0:03:54 ET  Reply   Trace   Private Reply  


#13. To: bluegrass (#11)

You could block it completely, Neil.

Yes, I could. I'm familiar with the directives you posted, but I want a solution that works for what must be many hundreds or thousands of such spiders out there. If I block each IP I discover is a problem, that's fine except that it's an after-the-fact patch. That is, after the server crashes, I block one IP address. Doing that hundreds of times after hundreds of crashes is not what I want. I want a solution that will prevent future spiders from doing what this one did. And of course if an evil spider gets a new IP, then that one is free and clear to strike again.

Ideally, there'd be something in Apache that limits the number of requests a certain IP address can make within a short span of time. If you know of something like that, I'd really appreciate a lead. Thanks.

Pinguinite  posted on  2009-12-26   0:52:43 ET  Reply   Trace   Private Reply  


#14. To: Pinguinite (#13)

Ah. I misunderstood the issue.

Is this on the right track?:

dominia.org/djao/limitipconn2.html

Example conf here:

www.webhostgear.com/279.html

Eff the Bankers

bluegrass  posted on  2009-12-26   1:19:22 ET  Reply   Trace   Private Reply  


#15. To: bluegrass (#14)

Now THAT'S what I'm looking for. I'll check it out. Thanks!

Pinguinite  posted on  2009-12-26   10:58:39 ET  Reply   Trace   Private Reply  


#16. To: Pinguinite (#13)

Ideally, just trace back to the offender and then let's just go there and get it overwith...IMO


"If you love wealth more than liberty, the tranquility of servitude better than the animating contest of freedom, depart from us in peace. We ask not your counsel nor your arms. Crouch down and lick the hand that feeds you. May your chains rest lightly upon you and may posterity forget that you were our countrymen.”—Samuel Adams

Rotara  posted on  2009-12-26   11:03:31 ET  Reply   Trace   Private Reply  


#17. To: Rotara (#16) (Edited)

Ideally, just trace back to the offender and then let's just go there and get it overwith...IMO


as in caddy shack II to their house at night with baseball bats?


The best gun to have, is the gun you have, when you need a gun.

IRTorqued  posted on  2009-12-26   12:35:46 ET  Reply   Trace   Private Reply  


#18. To: Pinguinite (#15)

Awesome! Let me know if it's useful.

Eff the Bankers

bluegrass  posted on  2009-12-26   14:18:50 ET  Reply   Trace   Private Reply  


#19. To: bluegrass (#18)

I can't seem to get it to work. The module loads fine, apache doesn't complain about the new settings so I know the module is in, but it's not denying accesses above the limit I prescribe. I'm not seeing any clues as to why. It acts like nothing is different.

Pinguinite  posted on  2009-12-26   21:57:44 ET  Reply   Trace   Private Reply  


#20. To: Pinguinite (#19)

Do you have the directives in the virtual directory or is it in the global conf? Dumb question, but ExtendedStatus is on, yes?

Another hack:

www.cohprog.com/mod_bandwidth.html

Eff the Bankers

bluegrass  posted on  2009-12-27   7:27:44 ET  Reply   Trace   Private Reply  


#21. To: bluegrass (#20)

Do you have the directives in the virtual directory or is it in the global conf?

Setting them system wide generated an error on Apache reload. Doing them inside Directory tags does not. Then there's no error on an apache reload but it also has no effect. (I'm testing with the download of a large file with the limit set to 1 and I have it downloading twice simultaneously).

Dumb question, but ExtendedStatus is on, yes?

Yes.

Another hack:

I'll check it out.

Pinguinite  posted on  2009-12-27   10:28:08 ET  Reply   Trace   Private Reply  


#22. To: Pinguinite (#21)

Frustrating. One would think that this would be a common enough problem that Apache would have addressed it.

I'll keep digging around.

Eff the Bankers

bluegrass  posted on  2009-12-27   10:32:28 ET  Reply   Trace   Private Reply  


#23. To: bluegrass (#20)

www.cohprog.com/mod_bandwidth.html

Seems the lastest version is only suited for apache 1.3.

I might be able to do my own home brew that works at the firewall level monitoring requests and modifying the firewall temporarily in the event of a flood of requests. Maybe it'll come to that.

Pinguinite  posted on  2009-12-27   10:34:16 ET  Reply   Trace   Private Reply  


#24. To: bluegrass (#22)

Frustrating. One would think that this would be a common enough problem that Apache would have addressed it.

Yes, it would seem. But Apache does a lot of things I don't know anything about, so maybe there's a way.

I'll keep digging around.

Thanks!

Pinguinite  posted on  2009-12-27   10:36:00 ET  Reply   Trace   Private Reply  


#25. To: Pinguinite (#21)

Another:

www.zdziarski.com/projects/mod_evasive/

Eff the Bankers

bluegrass  posted on  2009-12-27   10:39:19 ET  Reply   Trace   Private Reply  


TopPage UpFull ThreadPage DownBottom/Latest


[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Sign-in]  [Mail]  [Setup]  [Help]