Apache :: Protect Against Constant F5?

Oct 24, 2013

Today i was informed that some of Apache instances are vulnerable for serving content while client is constantly pressing F5 button in browsers - once is pressed CPU load is increasing, page became slow etc. (it's dynamic content served by back-end Tomcats). In the same time i see errors with connection between Apache and Tomcats' instances.

Is there any good way to protect Apache against it ?

View 8 Replies


Mod_evasive Doesn't Protect From Apache DOS

Feb 6, 2008

We tried to use one software for offline browsing to download our site and test it if it will fail or not. We used 500 threads at once. Program was able to request 56 pages per second. Of course server (site) failed because there were no more available mysql connections. So site went down. Mod_evasive didn't block that.

Here is the config:

<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 80
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 30
DOSLogDir "/var/log/httpd"

Here is the copy of text I found on one site about mod_evasive:

Mod_evasive does work relatively well for small to medium sized brute force or HTTP level DoS attacks. There is, however, an important limitation that mod_evasive has that you should be aware of. The mod_evasive module is not as good as it could be because it does not use shared memory in Apache to keep information about previous requests persistent. Instead, the information is kept with each child process or thread. Other Apache children that are then spawned know nothing about abuse against one of them. When a child serves the maximum number of requests and dies, the DoS information goes with it. So, what does this mean? This means that if an attacker sends their HTTP DoS requests and they do not use HTTP Keep-Alives, then Apache will spawn a new child process for every request and it will never trigger the mod_evasive thresholds. This is not good…

Is there any solution for such type of attack with Keep Alive disabled?

View 4 Replies View Related

Apache :: Way To Protect Server From Overload?

Feb 19, 2014

Is there a way to protect apache server from overload? For example Nginx has a module called SysGuard when system load or memory use goes too high all subsequent requests will be redirected to the URL specified by the 'action' parameter.

View 1 Replies View Related

Apache :: Password Protect Directory

Mar 10, 2014

What is the proper way. to password protect a directory for apache 2.4.7. Information i gather seems to not work.

View 4 Replies View Related

How To Password Protect Web Pages, I Can Protect Directories But Can't Put Pages In

Mar 4, 2007

i did make a big message on here but it deleted when i back spaced

my website is aviation cafe dot net / sample and i need you to help me with password protecting a webpage, i wanted the address to be / the silver sword and definitly not to look like it does now.

username: webforum
pass: password

View 4 Replies View Related

Server Constant Crash

Jan 3, 2009

I have in my possession a new server which is running cPanel. For some unknown reason it keeps crashing about every 4-6 hours where I must get a remote reboot done.

Its starting to annoy me that I'm unable connect to anything. What I suspect is high disk red/write. As what I'm finding is over 10k blocks being written per second with only 300 being read per second. I also am not seeing any bandwidth out/in usage being high.

View 14 Replies View Related

Top Usage Over Constant 48/72 Hours

Jul 17, 2009

I am wanting to get access to 'top -c' for a period of 48/72 hours.

Now I have found the following


top -c -b -d 15 > top.txt
What this does is every 15 seconds add reply 'top -c' to top.txt

Now I can make this into a shell script then put it into the background and exit SSH while leaving it running.

Now the question is will this use much usage/server load over the 48/72hrs, it will be checking 4 times every minute.

View 3 Replies View Related

Constant Uptime Connections

May 5, 2008

I thought i'd just post a quick message on here to see what you guys make of this situation. It's only happened with what, the past hour or so, but when i check the visitor logs on our website it seems that a "YouMonitor.us" is constantly spamming connections to the website over 1 second intervals (even less than that in some cases).

Furthermore, its coming in from different IP address's all the time and therefore its inappropriate to block everyone as they seem to just constantly change.

View 6 Replies View Related

Constant Server Crash, How To Trace?

Apr 21, 2007

My server is constantly crashing (halting to dead) and needing reboot literally every few hours. I cannot trace the cause of this whatsoever. Please help out.

CPU/Memory/MySQL Usage shows no accounts in red or yellow zone ....

View 6 Replies View Related

Constant SSH Login Tries From Numerous IP Addresses (bots)

Apr 26, 2008

I have a dedicated RHEL server with cPanel and my server loads spikes about +0.4 (out of 2.0) for about 30 mins every 4-6 hours or so. My regular server load is 0.01, because there is barely any traffic on the server yet, but by looking at my top processes in WHM, I can see that the processes that are spiking the Server Load when it is high, is something like:

sshd: [priv] root
sshd: [priv] root
sshd: [priv] root
sshd: [accepted]
sshd: [priv] games
sshd: [priv] news
sshd: [priv] root
sshd: [priv] root
sshd: [accepted]

...something along these lines. And a lot of times there are 10-20 of these sshd processes at one time.

My server is managed and my dedicated server engineer said it was probably a bot trying passwords. He took one of the IP's, said it was from Taiwan, and blocked that IP in iptables.

However, this is still happening constantly with different IP's. Is there a way to prevent this from happening? I'm the only person (and my host) who should be able to login to my server using SSH... however, I don't have a static IP and I work from multiple locations, so only allowing certain IP's won't work for me.

First off, is this normal? Or am I being attacked or what? What can I do to remedy this? It seems the bots haven't successfully logged in, but they are spiking my server load which is NOT what I want.

View 8 Replies View Related

Stress Tests- Benchmarks- Constant Load

Jun 15, 2007

I was having issues with what I would like to think as power.

Now, I was wondering if there are any SQL database benchmarks, or something else I can run on the system for a given period of time, that will let me see if I'm still having those power issues.

View 2 Replies View Related

How Do You Fend Off SQL2k5 Constant Login Attempt

Nov 26, 2008

I keep seeing sa login failure on Event viewer Application log for MS SQL 2005. I'm tired of blocking off the failed attempt ip. A huge portion of them seem to come from China and Estern Euro. Should i just block off those region? Is there a better way for securing SQL2005?

View 1 Replies View Related

BQBackup, Constant Issues For Weeks With No Resolution In Sight

Aug 12, 2008

We first noticed the issue on July 19th, Backups were taking a while to transfer from our own servers, and we were getting tickets from clients asking why this was happening. At the same time, it took about 4-5 minutes to log into the backup console. Issue seemed to correct itself so that backups were possible, and we assumed that scott would be aware of it and would work to resolve it.

Again on the 29th it slowed completely again. We immediately dispatched an email to their support email asking whats up, gave them detailed information such as access to the script and the output so he could monitor it.

The same day a few hours later we got a response that he would run the script and monitor it.

On the 31st, after not getting an update I asked what was going on. He said he ran the script, it seemed to stall for long periods of time and he would know more in the afternoon.

After not getting an update for ~5 days I asked what was going on and I expressed that i was not happy with the lack of communication/updates ont he situation. He updated me later that day saying that we weren't the only ones being affected. Fair enough, he is working on it. Thats all I wanted to hear.

Now ever since that email I received on the 5th (AUG) it has been up and down and all over the place.

After seeing him post on the forums I sent him a PM (10th August), summed up it was basically saying I had an issue, and I need it fixed. I figured since the PM system is usually pretty good at not losing them that he would see it and respond accordingly, that way there was no chance of it being lost from point A to point B as an email.

Well to this day, no response nor resolution.

I really have exhausted all points of communication, and I want to make it clear that I am not bashing them, when it works it's great. But maybe someone else affected can provide more insight..

View 12 Replies View Related

Plesk 12.x / Linux :: Constant Alarm Level Change

Jul 20, 2015

Not sure why, but for some reason lately our Plesk installation randomly sends us notification emails about alarm level changes which go from Green to yellow, yellow to red, then goes back to normal over time. No changes were made on the server for these constant changes and emails to occur. We have a customer who also has the same issue.. Both focus primarily on nginx with little to no usage of apache.

View 2 Replies View Related

Plesk 11.x / Linux :: Constant Alarm Level Changed Emails

Jul 21, 2012

This problem has been reported before Plesk Panel 11. What's the current solution for this problem? I've got this problem since I upgraded to Plesk Panel 11.09.

I'm getting spammed with emails like:

Server health parameter "Services > Apache memory usage" changed its status from "green" to "yellow". Click to expand...

View 19 Replies View Related

Plesk 11.x / Linux :: Constant Unable To Connect To Database While Upgrading / Repairing

Aug 11, 2014

I had Plesk 10 installed on my openSUSE system (was a low version, maybe 11 or less) and then decided to upgrade to 11.5. So I did distribution upgrades to openSUSE 12.3 and everything went smoothly, except for some services like mysql and php. So I used Plesk autoinstaller to fix the php error and edited an outdated line in mysql configuration and both services ran smoothly!

Then I downloaded Plesk autoinstaller and ran the autoinstaller, but was surprised by this error message:

===> Checking for previous installation ... found.
ERR (3) [panel]: Error during product key mode determination, details: Unable to connect to database: ; trace: #0 /usr/local/psa/admin/plib/functions.php(2821): isPpaKeyRequired()
#1 /usr/local/psa/admin/plib/common_func.php3(11): require_once('/usr/local/psa/...')
#2 /usr/local/psa/admin/plib/api-common/cu.php(5): require_once('/usr/local/psa/...')
#3 /usr/local/psa/admin/sbin/httpdmng(8): include_once('/usr/local/psa/...')
#4 (main)

Unable to connect to database:

- My MySQL version is: 5.5.33 openSUSE package
- I did run mysql_upgrade with my admin username and password (password from: /etc/psa/.psa.shadow) and it worked successfully and fixed all of the errors, I did so after running the auto installer first, but then ran the installer again and the problem was still there
- I can access my web page, but it still doesn't connect to MySQL either.

I believe this is a problem with MySQL, but how can I make sure or detect what exactly the problem is

View 3 Replies View Related

How To Protect Port 80

Nov 2, 2007

someone attacking my VPS via port 80, which firewall u advice me to use on windows 2003 WEB edition ?

Or anyone have smillar experiance and can tell me what to do? Btw my hosting company is LeaseWeb.

View 5 Replies View Related

How Do I Protect My Website

Jun 29, 2009

This is probably a pretty complicated answer so please forgive me as I'm a newbie to making my own ecommerce website.

What steps are needed to protect/prevent one's site from being hacked? I have domain privacy (on WhoIs) but I feel this isn't enough.

View 4 Replies View Related

Way To Protect URLS

May 23, 2009

Are there any scripts out there that can protect URLs? For an example I am trying to protect a megaupload.com URL with a masking URL and making sure that the masking URL is only access by a referral site. Can this be done?

View 1 Replies View Related

Protect Directory

May 22, 2007

i have another question is their a way to protect a directory without using .htaccess because i dont have modrewrite installed on my apache server.

View 4 Replies View Related

How To Protect Website

Feb 20, 2007

Last days my site was hacked to the main page has been added the "iframe" tag with path to the virus loading. I don't know how somebody could edit the original page and insert this code to the html body. This time I have updated this page from archive but I would be glad to know how to protect my site in future. Could somebody advice me fast and effective methods?

View 7 Replies View Related

How To Protect Cpanel And Whm

Dec 28, 2007

what is the best way to protect whm and cpanel from unwanted login?

If i change the port they still can sniff, is there away to put another layer to protect it or assigned specific ip to be able to login ? I'm on a dedicate server and only hosting for 1 site so there no customer that i should worry about.

can i change /whm and /cpanel to something else just to hide it form novice users.

View 14 Replies View Related

How To Pwd Protect Directories Without Cpanel

Jul 28, 2009

how to pwd protect directories with when using no control panel, I am planning to change the login details of the protected directories every few days as well as its top secret data, so I would like to know how to protect directories with pwd, I know how to do using control panel such as cPanel r Plesk but I am having no control panel at this interface

I intend to share the files under this protected directories only to my team, so plz help me with codes if there are any

its cent 0s5, apache handler

View 4 Replies View Related

Bot Attack, How To Protect Server

Oct 22, 2009

how to protect an linux dedicated server from bot attack. Im using linux server with cPanel, using CSF firewall + DOS Deflate.

View 5 Replies View Related

How To Protect Reverse IP Information

Apr 10, 2009

is it way to protect Reverse IP information ?

I mean someone can't see friend sites in same vps/server.

This is my domain ( godaddy )

And another domain ( not me )

View 1 Replies View Related

Keep Clamv As Auto Protect

Apr 5, 2009

How can have clamv antivirues as auto protect mode in whm/cpanel server?

We need to configure clamv as auto protect.

View 2 Replies View Related

How To Protect A File For Being Overwritten

Aug 15, 2008

Probably a cron file is updating one of my files every night. Then normally the script is not working, script owner is not responding my emails. So any ways to protect the file for being overwritten.

View 3 Replies View Related

Recommendation ( Spam Protect )

Jun 26, 2008

Recommendation to manage my server

Recommendation me for max send mail per hour for per account?

(I not want my server go to black list server and spam provider list)

View 4 Replies View Related

Web Protect Not Working In Cpanel

Mar 2, 2008

I have protected one folder on my domain from Cpanel using function "web protect" also its asking for password but the password is not working.

I did checked the .htpasswd file in users home directory and it have the user created for protection.

View 5 Replies View Related

How To Protect Access To Whm/cpanel

Aug 4, 2008

is there a way to protect whm/cpanel access?

At the moment anyone can type
domain.com/cpanel or domain.com/whm or server/cpanel or server/whm.

I would like to limit access to these pages by adding additional password (like folder password) or restricting IP.

View 5 Replies View Related

Copyrights 2005-15 www.BigResource.com, All rights reserved