LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 04-02-2011, 07:55 PM   #1
lexthoonen
LQ Newbie
 
Registered: Jan 2007
Posts: 19

Rep: Reputation: 0
apache load VERY high, disabling server


Hi, on an old server of mine, as soon as apache is started, the load average that I get to see with 'top', that normally is under 1, now just steadily climbs up and up to easily 150, in fact disabling the webserver from serving any webpage.

I've checked netstat, and I'll try to upload the output. The ip's that are in there I've blocked with iptables. But that doesn't help or so it seems. I see nothing weird in the error logs.

As soon as I stop apache, the load goes back to normal. As soon as I (re)start it, up it goes again.

What can cause this and how do I get rid of it?

Thanks!

p.s. It's an old server, fedora3 or so, and I've got a new one to which I'll transfer the domains, but until that's completely done, I'd like this one to run as it has for years...
Attached Files
File Type: txt netstat.txt (35.9 KB, 16 views)
 
Old 04-03-2011, 03:58 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607Reputation: 3607
Please don't

Quote:
Originally Posted by lexthoonen View Post
p.s. It's an old server, fedora3 or so, and I've got a new one to which I'll transfer the domains, but until that's completely done, I'd like this one to run as it has for years...
"or so"? Please don't be lackadaisical about essential things like that. Since running GNU/Linux is all about performance, protecting assets and providing services in a continuous, stable and secure way you have to know Fedora Core 3 support ended years ago. The version you run is obsolete, no longer maintained, unsupported. This means no security updates and no bug fixes so keeping your machine attached to the Internet makes it an unnecessary risk for the whole community. You may want to take that risk but we don't want to see you keep it connected to the 'net: Linux may be free to use but using it is not free of responsibilities.


Quote:
Originally Posted by lexthoonen View Post
(..) as soon as apache is started, the load average that I get to see with 'top', that normally is under 1, now just steadily climbs up and up to easily 150, (..) The ip's that are in there I've blocked with iptables. But that doesn't help or so it seems. I see nothing weird in the error logs. As soon as I stop apache, the load goes back to normal. As soon as I (re)start it, up it goes again.
Before you continue, and if you must run this machine connected to the 'net even if I warned you not to do so, I strongly suggest you shut down, reconfigure or firewall services that should not be accessed from the 'net like RPC, FTP, SMTP, MySQL, IMAP, IMAPS, POP3S, DNS keeping SSH and HTTP. Ensure root can not log in to any service over the 'net and set up SSH to use pubkey auth only. Ensure that Apache does not load any unnecessary modules. Ensure whatever Apache serves in terms of web log, forum, statistics, web based management panel, etc software is either up to date or disabled from access. Ensure whatever gets served over HTTP is restricted in httpd.conf, using .htaccess and access-limiting modules, deny any uploads and run HTTP behind a reverse proxy to enforce policy. Make the firewall rate-limit access on accessible ports. Install fail2ban and make it watch Apache and OpenSSH logs. Install Logwatch and read reports daily. If you dismiss the above for "overly paranoid", "too much work" or "waste of time" you only show you do not understand the issues at all.

That said you have not posted any excerpts from system and daemon logs so what generates load is not at all clear. If logs don't show anything then running Apache in verbose mode may provide clues.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Server load gets really high... Skillz Linux - Software 24 05-19-2010 04:38 AM
Apache message: the load is too high bzzz Linux - Server 3 02-28-2010 10:58 AM
High server load... might be this process: /usr/local/apache/bin/httpd -DSSL ajames3436 Linux - Server 4 06-19-2009 08:45 AM
server load high graziano1968 Linux - General 5 03-12-2009 02:32 PM
Best Mail Server for high load mohakevin Linux - Server 8 01-05-2009 03:42 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 11:31 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration