Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
04-02-2011, 07:55 PM
|
#1
|
LQ Newbie
Registered: Jan 2007
Posts: 19
Rep:
|
apache load VERY high, disabling server
Hi, on an old server of mine, as soon as apache is started, the load average that I get to see with 'top', that normally is under 1, now just steadily climbs up and up to easily 150, in fact disabling the webserver from serving any webpage.
I've checked netstat, and I'll try to upload the output. The ip's that are in there I've blocked with iptables. But that doesn't help or so it seems. I see nothing weird in the error logs.
As soon as I stop apache, the load goes back to normal. As soon as I (re)start it, up it goes again.
What can cause this and how do I get rid of it?
Thanks!
p.s. It's an old server, fedora3 or so, and I've got a new one to which I'll transfer the domains, but until that's completely done, I'd like this one to run as it has for years...
|
|
|
04-03-2011, 03:58 AM
|
#2
|
Moderator
Registered: May 2001
Posts: 29,415
|
Please don't
Quote:
Originally Posted by lexthoonen
p.s. It's an old server, fedora3 or so, and I've got a new one to which I'll transfer the domains, but until that's completely done, I'd like this one to run as it has for years...
|
"or so"? Please don't be lackadaisical about essential things like that. Since running GNU/Linux is all about performance, protecting assets and providing services in a continuous, stable and secure way you have to know Fedora Core 3 support ended years ago. The version you run is obsolete, no longer maintained, unsupported. This means no security updates and no bug fixes so keeping your machine attached to the Internet makes it an unnecessary risk for the whole community. You may want to take that risk but we don't want to see you keep it connected to the 'net: Linux may be free to use but using it is not free of responsibilities.
Quote:
Originally Posted by lexthoonen
(..) as soon as apache is started, the load average that I get to see with 'top', that normally is under 1, now just steadily climbs up and up to easily 150, (..) The ip's that are in there I've blocked with iptables. But that doesn't help or so it seems. I see nothing weird in the error logs. As soon as I stop apache, the load goes back to normal. As soon as I (re)start it, up it goes again.
|
Before you continue, and if you must run this machine connected to the 'net even if I warned you not to do so, I strongly suggest you shut down, reconfigure or firewall services that should not be accessed from the 'net like RPC, FTP, SMTP, MySQL, IMAP, IMAPS, POP3S, DNS keeping SSH and HTTP. Ensure root can not log in to any service over the 'net and set up SSH to use pubkey auth only. Ensure that Apache does not load any unnecessary modules. Ensure whatever Apache serves in terms of web log, forum, statistics, web based management panel, etc software is either up to date or disabled from access. Ensure whatever gets served over HTTP is restricted in httpd.conf, using .htaccess and access-limiting modules, deny any uploads and run HTTP behind a reverse proxy to enforce policy. Make the firewall rate-limit access on accessible ports. Install fail2ban and make it watch Apache and OpenSSH logs. Install Logwatch and read reports daily. If you dismiss the above for "overly paranoid", "too much work" or "waste of time" you only show you do not understand the issues at all.
That said you have not posted any excerpts from system and daemon logs so what generates load is not at all clear. If logs don't show anything then running Apache in verbose mode may provide clues.
|
|
1 members found this post helpful.
|
All times are GMT -5. The time now is 11:31 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|