Tracking Forums, Newsgroups, Maling Lists
Home Scripts Tutorials Tracker Forums
  Advanced Search
  HOME    TRACKER    Web Hosting


Advertisements:




SuperbHosting.net & Arvixe.com have generously sponsored dedicated servers and web hosting to ensure a reliable and scalable dedicated hosting solution for BigResource.com.







CSF Causing Server Ping Timeout


I just installed a fresh new server with CSF

Soon I find out that my ping keeps dropping. The server was smoothly running, SSH is smooth, Website are loading fine, except I cannot ping my server. I disable SELINUX completely and it still doesn't help.

When I disable CSF, my server ping are responding back!

So I remove CSF installation and reinstall CSF, the same problem appear

How can I solve this issue?

My kernel is 2.6.18-92.1.6.el5PAE running on latest version of cPanel on CentOS 5.1


View Complete Thread with Replies
Sponsored Links:
Related Forum Messages:
Server.lu Having Frequently Ping Timeout
globichen can explain about this.

ping timeout happen frequently.
this is the 2nd time happen in a week

i've submit a ticket regarding about this
customer service replies with server is online.

i'm not bashing their service but frequently ping timeout really makes my business down lately.

Loading website takes a few min & even couldn't access to server due to ping timeout.

View Replies!   View Related
Ping Timeout On IPs Used For IP Based Sites
For some reason, my IPs that we use for a IP based site are un-pinable (ping time out) after some time. However, when I restart apf (firewall) the ip are back again and are pinable again.

We added the IPs for the IP based site over the ensim panel.

I belive its a Firewall issue, does anyone know how to check why the Ips are always getting un-pinable?

View Replies!   View Related
15ms Ping Vs 40ms Ping Vs 170ms Ping
15ms ping vs 40ms ping vs 170ms ping

Which you think is still acceptable for a website?

View Replies!   View Related
SSL / HTTPS Causing Error On My Server
i have wrong procedure doing to enable my SSL/HTTPS services in my vps.

First i noticed the HTTPS in my services is not running, now i'm looking to google, i found openssl website, then download the latest version and install it into my server and following the instructions, after that, i try to recompile the apache becuase i have a new updates, i found an error ssl and cannot continue to compile because of my last installation i suspect.

View Replies!   View Related
Server Attack Causing Problems For Three Days
Ever since Monday morning, my site has had problems because the server at my host is under attack.

Most of Monday my site was down. Then Monday late afternoon, it came back...I thought. The forum is up and running, but the rest of the site, built on WordPress, is screwy.

Most of the plugins aren't working because of inability to connect with the database.

I can't log in to my cPanel at all and haven't been able to since Sunday.

This is the first time I've experienced anything like this, lasting this long.

It has me wondering if I should start considering a new host. I have loved their service, especially their speedy support (native English speaking to boot) so I hate to leave but I'm not sure if their service is going a little downhill or not.

View Replies!   View Related
Server Config Causing PHP Failure
I'm having a very intermittent PHP error on my dual processor CPanel/CentOS 4x box. And it happens randomly across several domains, so I know it's not a single domain problem.

I can never figure out what causes it. 95% of the time the sites work fine (no error), but ever so often my php includes give me something like this:

PHP randomly fails to find the directory/file. And it requires an Apache restart to make it work smoothly again. It will be fine for a few days, but then it happens again. So I suppose it may not be directly related to PHP, but more of a server/apache issue? Any ideas at all?

View Replies!   View Related
Which Command To See What Is Causing High Server Load.
Which command do we type to see what is causing a high server load?

I've restarted the VPS numerous of times, and I wish to found out the problem

View Replies!   View Related
Suspecting Server Is Causing High Bandwidth Usage
For the past few days, one of the server is causing a bandwidth utilization surge for the entire rack on almost daily basis. It happen for a few minutes and it went off then it will be the same thing again the next day. When the surge is happening, most of the servers on the same segment will be inaccessible for the few minutes.

The bandwidth utilization graph for my rack is recording an abnormal surge from (6mbps --> 90mbps) for the few minutes. My MRTG is showing 2 of the Plesk servers giving the problem but the NOC guys said it the Cpanel that causing the problem.

I tried logging in to both servers but could not find what's the cause for this.

View Replies!   View Related
Any Software That Detects Exactly What Is Causing High CPU Load On Your Server
It's been a while since I've posted in this area of the forum, but was just wondering if by now someone or some company has developed a script/software that you can install on your server that will tell you the exact area where the high CPU load is coming from, such as from someone sending email, a certain users account, and etc?

Most times, you have to be mointoring your server at the time of the high load to be exactly sure of what is causing the high load, so, I'm talking about something that will email you right on the spot of the high load in case you are away and will know what caused it.

Most I've seen only tell you that you have a high load, but don't tell you what exactly caused it.

View Replies!   View Related
The Timeout SpeciMod_sec: The Timeout Specified Has Expired [severity "EMERGENCY"]
at my logs, i can see this timeout error caused my mod_security at my rhes 4 server.


Code:
mod_security-message: Access denied with code 403. Error reading request body, error code 70007: The timeout specified has expired [severity "EMERGENCY"]

I didnt specify any mod sec rule about "timeout", what timeout is this about?

View Replies!   View Related
Account Suspended Due To Server Overloading - Unknown Ip Causing This Issue
My host has suspended saying my server was overloaded and sent me a log to my mail and i don't have access to cpanel also. I just have a wordpress blog and when i had contacted host through chat they told some ip might be causing this issue so ban that ip when ur account is unsuspended.

But i am really unaware of how to find which ip is causing this issue as i have little knowledge on analysing logs. Any help regarding this is highly appreciated and please leave your suggestions for me.

I am pasting the logs that were sent by host to me in mail:

Srv PID Acc M CPU SS Req Conn Child Slot Host VHost Request
0-5 22363 32/49/49 K 5.76 2 1695 583.9 0.82 0.82 76.227.169.69
GET /index.php/181/ HTTP/1.1
1-5 22365 81/81/81 W 42.69 3 0 3060.8 2.99 2.99 76.183.97.67
GET /index.php/181/ HTTP/1.1
2-5 22367 87/87/87 K 45.81 2 991 3287.3 3.21 3.21 76.183.97.67
GET /index.php/181/ HTTP/1.1
3-5 22369 2/41/41 K 2.07 8 0 15.3 0.12 0.12 67.87.117.129
GET /wp-content/plugins/postratings/images/stars/rating_half.gi
6-5 22387 0/13/13 W 2.21 57 0 0.0 0.12 0.12 81.22.20.143
GET /index.php/181/ HTTP/1.1
7-5 22388 76/76/76 W 39.94 0 0 2871.9 2.80 2.80 141.153.137.168
GET /index.php/181/ HTTP/1.1
8-5 22396 0/26/26 W 2.46 38 0 0.0 0.34 0.34 127.0.0.1
care.com GET /whm-server-status HTTP/1.0
13-5 22413 0/18/18 W 1.46 44 0 0.0 0.33 0.33 81.22.20.143
GET /index.php/181/ HTTP/1.1
14-5 22414 0/25/25 _ 0.76 55 672 0.0 0.28 0.28 71.77.3.233
GET /wp-content/uploads/2007/12/cup.jpg HTTP/1.1
20-5 22464 2/14/14 K 0.66 8 0 52.5 0.14 0.14 67.87.117.129
GET /wp-content/plugins/postratings/images/loading.gif HTTP/1.1
21-5 22484 0/6/6 _ 1.31 40 329 0.0 0.03 0.03 74.77.10.155
-care.com GET /~realrina/nun.jpg HTTP/1.1
22-5 22510 27/37/37 K 18.07 0 1832 982.5 1.25 1.25 80.195.137.10
GET /index.php/181/ HTTP/1.1
23-5 22523 8/34/34 K 1.76 8 0 94.6 0.30 0.30 67.87.117.129
GET /wp-content/plugins/postratings/images/stars/rating_on.gif
27-5 22540 0/10/10 _ 3.36 39 167 0.0 0.19 0.19 90.192.174.63
GET /wp-content/uploads/2007/10/anand.jpg HTTP/1.1
28-5 22542 1/14/14 K 1.76 8 823 151.9 0.23 0.23 67.87.117.129
GET /wp-content/themes/ProSense%20Redux/images/picture.jpg
HTTP
29-5 23481 0/6/14 _ 0.37 11 2803 0.0 0.11 0.12 82.37.128.175
radio.audio-perfection.co.uk GET /img/player.png HTTP/1.1
30-5 22584 32/44/44 K 15.47 0 1284 989.6 1.06 1.06 80.195.137.10
GET /index.php/181/ HTTP/1.1
31-5 22588 22/25/25 K 5.77 0 751 468.0 0.46 0.46 76.227.169.69
GET /index.php/181/ HTTP/1.1
32-5 23520 0/5/8 _ 0.20 19 414 0.0 0.05 0.09 72.95.237.89 pown.us
GET /images/files/36.jpg HTTP/1.1
33-5 23627 1/6/22 K 0.06 3 967 28.0 0.06 0.35 66.249.65.196
GET /index.php/category/telugu-online-movies/page/4/
HTTP/1.1
36-5 23637 2/3/6 K 0.00 3 37 0.0 0.000 0.03 83.181.190.92 akirad.net
GET /files/color/garland-9bf1a50e/menu-expanded.gif HTTP/1.1
37-5 23673 8/9/16 K 0.49 8 0 126.9 0.20 0.21 67.87.117.129
GET /wp-content/uploads/2007/12/movie_dus_kahaniyaan.jpg HTTP/1
38-5 23674 1/3/10 K 0.00 11 1536 23.0 0.06 0.15 84.57.59.109
teeth-whitening-kit.com GET /affiliate/scripts/sb.php?a_aid=17&a_bid=7
HTTP/1.1
39-5 23690 10/10/22 K 0.99 3 0 35.6 0.03 0.29 83.181.190.92
akirad.net GET /files/color/garland-9bf1a50e/bg-tab.png HTTP/1.1
40-5 23693 0/5/10 _ 0.00 44 1106 0.0 0.04 0.07 67.11.157.83
teeth-whitening-kit.com GET /affiliate/scripts/sb
44-5 23721 1/3/6 K 0.00 8 0 0.4 0.000 0.00 67.87.117.129
GET /wp-content/plugins/share-this/share-icon-16x16.gif HTTP/1.
45-5 - 0/0/3 . 0.00 39 1 0.0 0.00 0.00 83.181.190.92 akirad.net GET
/files/color/garland-9bf1a50e/menu-expanded.gif HTTP/1.1
46-5 - 0/0/5 . 0.22 22 1332 0.0 0.00 0.04 81.22.20.143
GET /index.php/181/ HTTP/1.1
47-5 22780 51/52/52 K 26.66 0 940 1927.2 1.88 1.88 76.183.97.67
GET /index.php/181/ HTTP/1.1
48-5 - 0/0/3 . 0.00 37 6786 0.0 0.00 0.02 81.22.20.143
GET /index.php/181/ HTTP/1.1
51-5 - 0/0/13 . 0.26 35 34109 0.0 0.00 0.06 71.77.3.233
GET /favicon.ico HTTP/1.1
54-5 23746 2/3/3 K 0.51 3 0 0.0 0.02 0.02 83.181.190.92 akirad.net
GET /files/color/garland-9bf1a50e/menu-leaf.gif HTTP/1.1
55-5 23747 0/0/0 W 0.00 20 706795599 0.0 0.00 0.00 81.22.20.143
GET /index.php/181/ HTTP/1.1
56-5 - 0/0/3 . 0.00 16 4868 0.0 0.00 0.00 66.7.206.192
care.com GET /serverstats_inc.php HTTP/1.0
57-5 - 0/0/5 . 0.09 44 0 0.0 0.00 0.01 195.13.38.198 (unavailable)
POST /users_adm/start1.php HTTP/1.1
58-5 - 0/0/1 . 0.00 24 1640 0.0 0.00 0.02 81.22.20.143
GET /index.php/181/ HTTP/1.1
61-5 - 0/0/2 . 0.07 12 10194 0.0 0.00 0.01 172.188.47.93
radio.audio-perfection.co.uk GET /play_wmp.php HTTP/1.1

View Replies!   View Related
CSF + IPTables, Have To Restart CSF After Reboot
We changed our SSH port (for the slight added security that this offers) and updated our CSF config with the new port so that we can accept connections on this port.

We restarted CSF and we could connect successfully on the new port. When the server is rebooted connections are refused on the port until we *RESTART* CSF then it's all good again.

I would think being that we opened the port in CSF's config that on reboot the port would be opened back up but this is not happening and any time the server is rebooted we have to restart the firewall.

Does anybody have any suggestions on how to "fix" this or at least make it so we don't have to manually restart the firewall?

View Replies!   View Related
1and1 Server Ping
So I'm wondering what if anything I can do to get a better ping from my 1and1 server.

It's located in Wayne, PA and my ping floats around 70ms and I'm in South Lake Tahoe, CA. I only ask because there are servers with Peer1 hosted in New York, NY that give me a ping around 20ms.

Thanks for any help or advice.

Its a Windows Server 2008 Web Box.

View Replies!   View Related
Cannot Ping Ssh To Other Server
I have 2 CPanel servers. I wanted to transfer multiple accounts via WHM but it gives me error that I cannot SSH into the other server.

I tried to ping the 2nd server from 1st server and it gives me:
root@s [~]# ping xxx.xxx.xxx.7
PING xxx.xxx.xxx.7 (xxx.xxx.xxx.7) 56(84) bytes of data.
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
cping: sendmsg: Operation not permitted

I added both server IP into allowed list inside my APF firewall on each server as well.

I rebooted both server earlier before, but it is still not solving my problem.

View Replies!   View Related
Flush CSF (csf.deny)
How can flush csf blocked ips? (csf.deny)

View Replies!   View Related
My Server Is Very Unresponsive, Very High Ping
Server load is under 1, nearly 0 io.

Ping between 200-300, normally it is around 50.

DC says their network is fine and it is my server.

So load under 1, almost no hard drive access, why is the ping so high?

View Replies!   View Related
Access All Sites On A Server Except One (can Ping)
I got this domain hosted on my server where i can't ping or trace it. Every setting seem to be correct, the ip address, name server...etc. and other websites hosted on the server is working fine. i can reach other websites with no problem but not this domain.

how do i trouble shoot such problem? would deleted the website and recreate solve it?

has anyone ever come across such strange problem?

View Replies!   View Related
Malaysia Server Ping Test
Here are the Servers IPs which are all located @ Malaysia but different datacenter:

Server 1:
Data Center: Brickfield
IP: 202.75.55.188

Server 2:
Data Center: Jaring
IP: 202.190.175.218

Server 2:
Data Center: Cyberjaya
IP: 202.71.103.132

View Replies!   View Related
Can't Ping To The Server But Can Log In Ssh
I have a problem with my server, that i can't not ping

Quote:

[root@server apf-0.9.6-2]# ping yahoo.com
ping: unknown host yahoo.com

But i can log in the ssh. i just installed apf, i check conf.apf to made sure there are port 80, but it still can't ping.

View Replies!   View Related
Domain Name Server (DNS) Just Reply In Ping
I have a domain name for example test.com, and have subdomains for it 1.test.com and mail.test.com
main domain working fine but both of subdomains not working in webbrowser they just reply ping requests

ping 1.test.com.
it's output of /etc/init.d/named status

number of zones: 12
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
server is up and running
O.S: CentOS release 4.4 (Final)
DNS: bind-9.2.4-16.EL4
Apache: httpd-2.0.52-28.ent.centos4
CPanel: None

Please note that is all is working fine over a 3 year just stopping today

View Replies!   View Related
My Server Is Getting 999 ( Lagt ) Ping!, Vps
i am hosting a GunZ Server on a VPS,

i wana to open 2 servers, ( Quest / clan ) 2 names,

but, i can'T open the 2, only 1 if i opened the 2 one of them is getting for all palyers 999 ping ( Agent Error )...

well this is may caused by AE, how can i fix this?

View Replies!   View Related
Ping & Tracert Fine, Then Why Cannot Find Server?
I have a problem with one of my domain. Some users around the world cannot access the website, but they can ping and traceroute the server without any problems. I am able to access the website perfectly.

Site URL is www.djluv.in

And we are using IPB 2.2

Moreover if theres another domain on the same server, they can access it.

There are about 25-30 users who are facing this problem, but from different part of the world so I cant even say ISP problem.

APF has been shutdown, no Ban Filters on IPB or cpanel.

What are the possible reasons why they couldn't access the website? how to fix the problem?

View Replies!   View Related
High Ping + Packet Loss At Dedicated Server
I am facing high ping and packet loss issues with a server hosted at hetzner.de (CentOS + WHM)

For some unknown reason pings go high and stay like this (average 1500ms) until I reboot the server.

Here is a screenshot of tracert from server to me: [url]

View Replies!   View Related
Services Stop Responding, But Server Responds To Ping
I'm having a very odd problem with one of my Linux (CentOS) cpanel server, all the server's services (http, ssh, mail, dns, etc) stop responding but the server still responds to ping.

I can't find anything wrong at all on the log files either, and the technicians that manually restart the server have told me that there is no indication of a problem on the screen.

I suspected a hardware issue and had the data center techs run a hardware test on the server but everything cleared ok.

This issue started a couple of weeks ago, no major upgrade or install took place when it started happening. From what i can see the halts are completely random, some times it goes for days without it happening and some times it happens just hours after the reboots.

View Replies!   View Related
Server Firewall :: Which Is The Better Apf Or Csf
which is the better apf or csf for more security

View Replies!   View Related
CSF Settings Block My Server ..
I have a problem with my csf setting dunno why now when i start csf i block my server, i come from backup before with same config and working very well dunno why not working in this time.

Code:
###############################################################################
# Copyright 2006, Way to the Web Limited
# URL: http://www.waytotheweb.com
# Email: sales@waytotheweb.com
###############################################################################
# This configuration is for use with generic Linux servers, do not change the
# following setting:
GENERIC = "1"

# Testing flag - enables a CRON job that clears iptables incase of
# configuration problems when you start csf. This should be enabled until you
# are sure that the firewall works - i.e. incase you get locked out of your
# server! Then do remember to set it to 0 and restart csf when you're sure
# everything is OK. Stopping csf will remove the line from /etc/crontab
TESTING = "0"

# The interval for the crontab in minutes. Since this uses the system clock the
# CRON job will run at the interval past the hour and not from when you issue
# the start command. Therefore an interval of 5 minutes means the firewall
# will be cleared in 0-5 minutes from the firewall start
TESTING_INTERVAL = "5"

# Enabling auto updates creates a cron job called /etc/cron.d/csf_update which
# runs once per day to see if there is an update to csf+lfd and upgrades if
# available and restarts csf and lfd. Updates do not overwrite configuration
# files or email templates. An email will be sent to the root account if an
# update is performed
AUTO_UPDATES = "1"

# By default, csf will auto-configure iptables to filter all traffic except on
# the local (lo:) device. If you only want iptables rules applied to a specific
# NIC, then list it here (e.g. eth1, or eth+)
ETH_DEVICE = "venet0"

# If you don't want iptables rules applied to specific NICs, then list them in
# a comma separated list (e.g "eth1,eth2")
ETH_DEVICE_SKIP = ""

# Lists of ports in the following comma separated lists can be added using a
# colon (e.g. 30000:35000).

# Allow incoming TCP ports
TCP_IN = "21,22,25,53,80,110,143,443,993,995,3306,3784,7776:7779,8767,10000,35000:36000,14534,51234,25000:26000,9339,6969"

# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,53,80,110,113,443,953,995,9339,6969,5558,2222"

# Allow incoming UDP ports
UDP_IN = "20,21,53,953,3784,8767,1000"

# Allow outgoing UDP ports
# To allow outgoing traceroute add 33434:33523 to this list
UDP_OUT = "20,21,53,113,123,953,1000:3800,6100,6881"

# Allow incoming PING
ICMP_IN = "1"

# Set the per IP address incoming ICMP packet rate
# To disable rate limiting set to "0"
ICMP_IN_RATE = "1/s"

# Allow outgoing PING
ICMP_OUT = "1"

# Set the per IP address outgoing ICMP packet rate
# To disable rate limiting set to "0"
ICMP_OUT_RATE = "1/s"

# If this is a MONOLITHIC kernel (i.e. it has no LKM support, e.g. a VPS) then
# set this to 1. Because of the nature of monolithic kernels, it's not easy to
# determine which modules have been built-in, so some functionality may not be
# available and this firewall script may not work.
#
# One example is if the ip_conntrack and ip_conntrack_ftp iptables kernel
# modules are not available. If this happens, FTP passive mode (PASV) won't
# work. In such circumstances you will have to open a hole in your firewall and
# configure the FTP daemon to use that same hole. For example, with pure-ftpd
# you could add the port range 30000:35000 to TCP_IN and add the following line
# to /etc/pure-ftpd.conf (without the leading #):
# PassivePortRange30000 35000
# Then restart pure-ftpd and csf and passive FTP should then work
MONOLITHIC_KERNEL = "1"

# Drop target for iptables rules. This can be set to either DROP ot REJECT.
# REJECT will send back an error packet, DROP will not respond at all. REJECT
# is more polite, however it does provide extra information to a hacker and
# lets them know that a firewall is blocking their attempts. DROP hangs their
# connection, thereby frustrating attempts to port scan the server.
DROP = "DROP"

# Enable logging of dropped connections to blocked ports to syslog, usually
# /var/log/messages. This option needs to be enabled to use Port Scan Tracking
DROP_LOGGING = "1"

# Enable logging of dropped connections to blocked IP addresses in csf.deny or
# by lfd with temporary connection tracking blocks. Do not enable this option
# if you use Port Scan Tracking
DROP_IP_LOGGING = "0"

# Only log reserved port dropped connections (0:1023). Useful since you're not
# usually bothered about ephemeral port drops
DROP_ONLYRES = "0"

# Commonly blocked ports that you do not want logging as they tend to just fill
# up the log file. These ports are specifically blocked (applied to TCP and UDP
# protocols) for incoming connections
DROP_NOLOG = "67,68,111,113,135:139,445,513,520"

# Enable packet filtering for unwanted or illegal packets
PACKET_FILTER = "1"

# Log packets dropped by the packet filtering option PACKET_FILTER. This will
# show packet drops that iptables has deemed INVALID (i.e. there is no
# established TCP connection in the state table), or if the TCP flags in the
# packet are out of sequence or illegal in the protocol exchange.
#
# If you see packets being dropped that you would rather allow then disable the
# PACKET_FILTER option above by setting it to "0"
DROP_PF_LOGGING = "0"

# Enable SYN flood protection. This option configures iptables to offer some
# protection from tcp SYN packet DOS attempts. You should set the RATE so that
# false-positives are kept to a minimum otherwise visitors may see connection
# issues (check /var/log/messages for *SYNFLOOD Blocked*). See the iptables
# man page for the correct --limit rate syntax
SYNFLOOD = "0"
SYNFLOOD_RATE = "4/s"

# Enable verbose output of iptables commands
VERBOSE = "1"

# Log lfd messages to SYSLOG in addition to /var/log/lfd.log. You must have the
# perl module Sys::Syslog installed to use this feature
SYSLOG = "1"

# If you wish to allow access from dynamic DNS records (for example if your IP
# address changes whenever you connect to the internet but you have a dedicated
# dynamic DNS record from the likes of dyndns.org) then you can list the FQDN
# records in csf.dyndns and then set the following to the number of seconds to
# poll for a change in the IP address. If the IP address has changed iptables
# will be updated.
#
# A setting of 600 would check for IP updates every 10 minutes. Set the value
# to 0 to disable the feature
DYNDNS = "0"

# Limit the number of IP's kept in the /etc/csf/csf.deny file. This can be
# important as a large number of IP addresses create a large number of iptables
# rules (4 times the number of IP's) which can cause problems on some systems
# where either the the number of iptables entries has been limited (esp VPS's)
# or where resources are limited. This can result in slow network performance,
# or, in the case of iptables entry limits, can prevent your server from
# booting as not all the required iptables chain settings will be correctly
# configured. The value set here is the maximum number of IPs/CIDRs allowed
# if the limit is reached, the entries will be rotated so that the oldest
# entries (i.e. the ones at the top) will be removed and the latest is added.
# The limit is only checked when using csf -d (which is what lfd also uses)
# Set to 0 to disable limiting
DENY_IP_LIMIT = "100"

# Limit the number of IP's kept in the temprary IP ban list. If the limit is
# reached the oldest IP's in the ban list will be removed and allowed
# regardless of the amount of time remaining for the block
# Set to 0 to disable limiting
DENY_TEMP_IP_LIMIT = "100"

# Temporary to Permanent IP blocking. The following enables this feature to
# permanently block IP addresses that have been temporarily blocked
# LF_PERMBLOCK_COUNT times in the last LF_PERMBLOCK_INTERVAL seconds. Set
# LF_PERMBLOCK to "1" to enable this feature
#
# Care needs to be taken when setting LF_PERMBLOCK_INTERVAL as it needs to be
# at least LF_PERMBLOCK_COUNT multiplied by the longest temporary time setting
# (TTL) for blocked IPs, to be effective
#
# Set LF_PERMBLOCK to "0" to disable this feature
LF_PERMBLOCK = "0"
LF_PERMBLOCK_INTERVAL = "86400"
LF_PERMBLOCK_COUNT = "4"

# Permanently block IPs by network class. The following enables this feature
# to permanently block classes of IP address where individual IP addresses
# within the same class LF_NETBLOCK_CLASS have already been blocked
# LF_NETBLOCK_COUNT times in the last LF_NETBLOCK_INTERVAL seconds. Set
# LF_NETBLOCK to "1" to enable this feature
#
# This can be an affective way of blocking DDOS attacks launched from within
# the same networ class
#
# Valid settings for LF_NETBLOCK_CLASS are "A", "B" and "C", care and
# consideration is required when blocking network classes A or B
#
# Set LF_NETBLOCK to "0" to disable this feature
LF_NETBLOCK = "0"
LF_NETBLOCK_INTERVAL = "86400"
LF_NETBLOCK_COUNT = "4"
LF_NETBLOCK_CLASS = "C"

# The follow Global options allow you to specify a URL where csf can grab a
# centralised copy of an IP allow or deny block list of your own. You need to
# specify the full URL in the following options, i.e.:
# http://www.somelocation.com/allow.txt
#
# The actual retrieval of these IP's is controlled by lfd, so you need to set
# LF_GLOBAL to the interval (in seconds) when you want lfd to retrieve. lfd
# will perform the retrieval when it runs and then again at the specified
# interval. A sensible interval would probably be every 3600 seconds (1 hour)
#
# You do not have to specify both an allow and a deny file
#
# You can also configure a global ignore file for IP's that lfd should ignore
GLOBAL_ALLOW = ""
GLOBAL_DENY = ""
GLOBAL_IGNORE = ""
LF_GLOBAL = ""

# Enable login failure detection daemon (lfd). If set to 0 none of the other LF
# settings have any effect as the daemon won't start.
# When the trigger level of failures is reached lfd will use csf to add the IP
# to the /etc/csf/csf.deny file and block it
LF_DAEMON = "1"

# The following[*] triggers are application specific. If you set LF_TRIGGER to
# "0" the value of each trigger is the number of failures against that
# application that will trigger lfd to block the IP address
#
# If you set LF_TRIGGER to a value greater than "0" then the following[*]
# application triggers are simply on or off ("0" or "1") and the value of
# LF_TRIGGER is the total cumulative number of failures that will trigger lfd
# to block the IP address
#
# Setting the application trigger to "0" disables it
LF_TRIGGER = "0"

# If LF_TRIGGER is > 1 then the following can be set to "1" to permanently
# block the IP address, or if set to a value greater than "1" then the IP
# address will be blocked temporarily for the value in seconds. For example:
# LF_TRIGGER = "1" => the IP is blocked permanently
# LF_TRIGGER = "3600" => the IP is blocked temporarily for 1 hour
#
# If LF_TRIGGER is 0, then the application LF_[application]_PERM value works in
# the same way as above
LF_TRIGGER_PERM = "1"

# To only block access to the failed application instead of a complete block
# for an ip address, you can set the following to "1", but LF_TRIGGER must be
# set to "0" with specific application[*] trigger levels also set
LF_SELECT = "0"

#[*]Enable login failure detection of sshd connections
LF_SSHD = "5"
LF_SSHD_PERM = "1"

#[*]Enable login failure detection of pure-ftpd connections
LF_FTPD = "10"
LF_FTPD_PERM = "1"

#[*]Enable login failure detection of SMTP AUTH connections
LF_SMTPAUTH = "5"
LF_SMTPAUTH_PERM = "1"

#[*]Enable login failure detection of courier pop3 connections. This will not
# trap the older cppop daemon
LF_POP3D = "10"
LF_POP3D_PERM = "1"

#[*]Enable login failure detection of courier imap connections. This will not
# trap the older cpimap (uwimap) daemon
LF_IMAPD = "10"
LF_IMAPD_PERM = "1"

#[*]Enable login failure detection of Apache .htpasswd connections
# Due to the often high logging rate in the Apache error log, you might want to
# enable this option only if you know you are suffering from attacks against
# password protected directories
LF_HTACCESS = "5"
LF_HTACCESS_PERM = "1"

#[*]Enable failure detection of Apache mod_security connections
# Due to the often high logging rate in the Apache error log, you might want to
# enable this option only if you know you are suffering from attacks against
# web scripts
LF_MODSEC = "5"
LF_MODSEC_PERM = "1"

#[*]Enable detection of suhosin triggers and blocking of attackers
# Example: LF_SUHOSIN = "5"
LF_SUHOSIN = "0"
LF_SUHOSIN_PERM = "1"

# Check that csf appears to have been stopped. This checks the status of the
# iptables INPUT chain. If it's not set to DROP, LF will run csf. This will not
# happen if TESTING is enabled above. The check is done every 300 seconds
LF_CSF = "1"

# Send an email alert if anyone logs in successfully using SSH
LF_SSH_EMAIL_ALERT = "1"

# Send an email alert if anyone uses su to access another account. This will
# send an email alert whether the attempt to use su was successful or not
LF_SU_EMAIL_ALERT = "1"

# Enable Directory Watching. This enables lfd to check /tmp and /dev/shm
# directories for suspicious files, i.e. script exploits. If a suspicious
# file is found an email alert is sent. Only one alert per file is sent until
# lfd is restarted, so if you remove a suspicious file, remember to restart lfd
#
# To enable this feature set the following to the checking interval in seconds.
# Set to disable set to "0"
LF_DIRWATCH = "60"

# To remove any suspicious files found during directory watching, enable the
# following. These files will be appended to a tarball in
# /etc/csf/suspicious.tar
LF_DIRWATCH_DISABLE = "0"

# This option allows you to have lfd watch a particular file or directory for
# changes and should they change and email alert using watchalert.txt is sent
#
# To enable this feature set the following to the checking interval in seconds
# (a value of 60 would seem sensible) and add your entries to csf.dirwatch
#
# Set to disable set to "0"
LF_DIRWATCH_FILE = "0"

# This is the interval that is used to flush reports of usernames, files and
# pids so that persistent problems continue to be reported, in seconds.
# A value of 3600 seems sensible
LF_FLUSH = "3600"

# System Integrity Checking. This enables lfd to compare md5sums of the
# servers OS binary application files from the time when lfd starts. If the
# md5sum of a monitored file changes an alert is sent. This option is intended
# as an IDS (Intrusion Detection System) and is the last line of detection for
# a possible root compromise.
#
# There will be constant false-positives as the servers OS is updated or
# monitored application binaries are updated. However, unexpected changes
# should be carefully inspected.
#
# Modified files will only be reported via email once.
#
# To enable this feature set the following to the checking interval in seconds
# (a value of 3600 would seem sensible). This option may pur an increased I/O
# load onto the server as it checks system binaries.
#
# To disable set to "0"
LF_INTEGRITY = "3600"

# System Exploit Checking. This enables lfd to check for the Random JS Toolkit
# and may check for others in the future:
# http://www.cpanel.net/security/notes/random_js_toolkit.html
# It compares md5sums of the binaries listed in the exploit above for changes
# and also attempts to create and remove a number directory
#
# Modified files will only be reported via email once, though will be reset
# after an hour
#
# To enable this feature set the following to the checking interval in seconds
# (a value of 300 would seem sensible).
#
# To disable set to "0"
LF_EXPLOIT = "300"

# This comma separated list allows you to (de)select which tests LF_EXPLOIT
# performs
#
# For the SUPERUSER check, you can list usernames in csf.suignore to have them
# ignored for that test
#
# Valid tests are:
# JS,SUPERUSER
LF_EXPLOIT_CHECK = "JS,SUPERUSER"

# Set the time interval to track login failures within (seconds), i.e.
# LF_TRIGGER failures within the last LF_INTERVAL seconds
LF_INTERVAL = "300"

# Set the log file parsing interval (seconds). This is how long the daemon
# sleeps before processing the log file entries since the last scan finished
LF_PARSE = "5"

# Send an email alert if an IP address is blocked
LF_EMAIL_ALERT = "1"

# Send an email alert if an account exceeds LT_POP3D/LT_IMAPD logins per hour
# per IP
LT_EMAIL_ALERT = "1"

# Block POP3 logins if greater than LT_POP3D times per hour per account per IP
# address (0=disabled)
LT_POP3D = "15"

# Block IMAP logins if greater than LT_IMAPD times per hour per account per IP
# address (0=disabled) - not recommended for IMAP logins due to the ethos
# within which IMAP works. If you want to use this, setting it quite high is
# probably a good idea
LT_IMAPD = "0"

# Enable IP range blocking using the DShield Block List at
# http://www.dshield.org/block_list_info.php
# To enable this feature, set the following to the interval in seconds that you
# want the block list updated. The list is reasonably static during the length
# of a day, so it would be appropriate to only update once every 24 hours, so
# a value of "86400" is recommended
LF_DSHIELD = "86400"

# The DShield block list URL. If you change this to something else be sure it
# is in the same format as the block list
LF_DSHIELD_URL = "http://feeds.dshield.org/block.txt"

# Enable IP range blocking using the Spamhaus DROP List at
# http://www.spamhaus.org/drop/index.lasso
# To enable this feature, set the following to the interval in seconds that you
# want the block list updated. The list is reasonably static during the length
# of a day, so it would be appropriate to only update once every 24 hours, so
# a value of "86400" is recommended
LF_SPAMHAUS = "86400"

# The Spamhaus DROP List URL. If you change this to something else be sure it
# is in the same format as the drop list
LF_SPAMHAUS_URL = "http://www.spamhaus.org/drop/drop.lasso"

# Enable IP range blocking using the BOGON List at
# http://www.cymru.com/Bogons/
# To enable this feature, set the following to the interval in seconds that you
# want the block list updated. The list is reasonably static during the length
# of a day, so it would be appropriate to only update once every 24 hours, so
# a value of "86400" is recommended
#
# Do NOT use this option if your server uses IP's on the bogon list (e.g. this
# is often the case with servers behind a NAT firewall using ip routing)
LF_BOGON = "0"

# The BOGON List URL. If you change this to something else be sure it
# is in the same format as the drop list
LF_BOGON_URL = "http://www.cymru.com/Documents/bogon-bn-agg.txt"

# Connection Tracking. This option enables tracking of all connections from IP
# addresses to the server. If the total number of connections is greater than
# this value then the offending IP address is blocked. This can be used to help
# prevent some types of DOS attack.
#
# Care should be taken with this option. It's entirely possible that you will
# see false-positives. Some protocols can be connection hungry, e.g. FTP, IMAPD
# and HTTP so it could be quite easy to trigger, especially with a lot of
# closed connections in TIME_WAIT. However, for a server that is prone to DOS
# attacks this may be very useful. A reasonable setting for this option might
# be arround 200.
#
# To disable this feature, set this to 0
CT_LIMIT = "200"

# Connection Tracking interval. Set this to the the number of seconds between
# connection tracking scans. Don't set this too low or you will affect server
# performance as lfd runs netstat each time to determine the connections
CT_INTERVAL = "60"

# Send an email alert if an IP address is blocked due to connection tracking
CT_EMAIL_ALERT = "1"

# If you want to make IP blocks permanent then set this to 1, otherwise blocks
# will be temporary and will be cleared periodically or whenever the firewall
# is restarted
CT_PERMANENT = "0"

# If you opt for temporary IP blocks for CT, then the following is the interval
# in seconds that the IP will remained blocked for (e.g. 1800 = 30 mins)
CT_BLOCK_TIME = "3200"

# If you don't want to count the TIME_WAIT state against the connection count
# then set the following to "1"
CT_SKIP_TIME_WAIT = "0"

# If you only want to ount specific states (e.g. SYN_RECV) then add the states
# to the following as a comma separated list. E.g. "SYN_RECV,TIME_WAIT"
#
# Leave this option empty to count all states against CT_LIMIT
CT_STATES = ""

# Process Tracking. This option enables tracking of user and nobody processes
# and examines them for suspicious executables or open network ports. Its
# purpose is to identify potential exploit processes that are running on the
# server, even if they are obfuscated to appear as system services. If a
# suspicious process is found an alert email is sent with relevant information.
# It is then the responsibility of the recipient to investigate the process
# further as the script takes no further action. Processes (PIDs) are only
# reported once unless lfd is restarted.
#
# The following is the number of seconds a process has to be active before it
# is inspected. If you set this time too low, then you will likely trigger
# false-positives with CGI or PHP scripts.
# Set the value to 0 to disable this feature
PT_LIMIT = "60"

# How frequently processes are checked in seconds
PT_INTERVAL = "60"

# If you want process tracking to highlight php or perl scripts that are run
# through apache for greater than PT_LIMIT seconds then disable the following,
# i.e. set it to 0
#
# While enabling this setting will reduce false-positives, having it set to 0
# does provide better checking for exploits running on the server
PT_SKIP_HTTP = "1"

# User Process Tracking. This option enables the tracking of the number of
# process any given linux account is running at one time. If the number of
# processes exceeds the value of the following setting an email alert is sent
# with details of those processes. A user is only reported once, so lfd must be
# restarted to reinstate checking of all users. If you specify a user in
# csf.pignore it will be ignored
#
# Set to 0 to disable this feature
PT_USERPROC = "10"

# This User Process Tracking option sends an alert if any linux user process
# exceeds the memory usage set (MB). To ignore specific processes or users use
# csf.pignore
#
# Set PT_USERKILL to have lfd kill off the process
#
# Set to 0 to disable this feature
PT_USERMEM = "100"

# This User Process Tracking option sends an alert if any linux user process
# exceeds the time usage set (seconds). To ignore specific processes or users
# use csf.pignore
#
# Set PT_USERKILL to have lfd kill off the process
#
# Set to 0 to disable this feature
PT_USERTIME = "3200"

# If this option is set then processes detected by PT_USERMEM or PT_USERTIME
# or PT_USERPROC are killed
PT_USERKILL = "0"

# Check the PT_LOAD_AVG minute Load Average (can be set to 1 5 or 15 and
# defaults to 5 if set otherwise) on the server every PT_LOAD seconds. If the
# load average is greater than or equal to PT_LOAD_LEVEL then an email alert is
# sent. lfd then does not report subsequent high load until PT_LOAD_SKIP
# seconds has passed to prevent email floods.
#
# Set PT_LOAD to "0" to disable this feature
PT_LOAD = "30"
PT_LOAD_AVG = "5"
PT_LOAD_LEVEL = "6"
PT_LOAD_SKIP = "3600"

# If a PT_LOAD event is triggered, then if the following contains the path to
# a script, it will be run in a child process. For example, the script could
# contain commands to terminate and restart httpd, php, exim, etc incase of
# looping processes
PT_LOAD_ACTION = ""

# Port Scan Tracking. This feature tracks port blocks logged by iptables to
# syslog. If an IP address generates a port block that is logged more than
# PS_LIMIT within PS_INTERVAL seconds, the IP address will be blocked.
#
# This feature could, for example, be useful for blocking hackers attempting
# to access the standard SSH port if you have moved it to a port other than 22
# and have removed 22 from the TCP_IN list so that connection attempts to the
# old port are being logged
#
# This feature blocks all iptables blocks from the iptables logs, including
# repeated attempts to one port or SYN flood blocks, etc
#
# Note: This feature will only track iptables blocks from the log file set in
# IPTABLES_LOG below and if you have DROP_LOGGING enabled. However, it will
# cause redundant blocking with DROP_IP_LOGGING enabled
#
# Warning: It's possible that an elaborate DDOS (i.e. from multiple IP's)
# could very quickly fill the iptables rule chains and cause a DOS in itself.
# The DENY_IP_LIMIT should help to mitigate such problems with permanent blocks
# and the DENY_TEMP_IP_LIMIT with temporary blocks
#
# Set PS_INTERVAL to "0" to disable this feature. A value of between 60 and 300
# would be sensible to enable this feature
PS_INTERVAL = "0"
PS_LIMIT = "10"

# You can specify the ports and/or port ranges that should be tracked by the
# Port Scan Tracking feature. The following setting is a comma separated list
# of those ports and uses the same format as TCP_IN. The default setting of
# 0:65535 covers all ports
PS_PORTS = "0:65535"

# You can select whether IP blocks for Port Scan Tracking should be temporary
# or permanent. Set PS_PERMANENT to "0" for temporary and "1" for permanent
# blocking. If set to "0" PS_BLOCK_TIME is the amount of time in seconds to
# temporarily block the IP address for
PS_PERMANENT = "0"
PS_BLOCK_TIME = "3600"

# Set the following to "1" to enable Port Scan Tracking email alerts, set to
# "0" to disable them
PS_EMAIL_ALERT = "1"

View Replies!   View Related
Server Crached After Start CSF
I install CSF on a vps (openvz based) server.
Server crashed after im start csf.

Code:
root@server [/etc/csf]# csf -s
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `acctboth'
Deleting chain `acctboth'
Restarting bandmin acctboth chains for cPanel
ACCEPT all opt -- in lo out * 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT all opt -- in * out lo 0.0.0.0/0 -> 0.0.0.0/0
DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:67
DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:67
DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:68
DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:68
DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:111
DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:111
DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:113
DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:113
DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpts:135:139
DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpts:135:139
DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:445
DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:445
DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:513
DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:513
DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:520
DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:520 ....

View Replies!   View Related
97% Idle, So What Causing Load?
Can someone figure out by the screenshot, if my CPU is really
97% iddle, and what can be causing these average load numbers?

View Replies!   View Related
Those With CSF Installed - Server Security Check Score
If you have CSF installed, under its WHM section there is a quick security 'scan' you can run - just wondering what score you have?

I know it's not an infallible test, but the scan does test for some potentially large weaknesses hence why I'm asking here (mainly out of curiosity) what sort of scores people have.

Mine is 103/112 - the rest of the points were mainly for features I didn't want enabled for particular reasons (i.e. one of the recommendations is to force all cPanel visits to be through SSL, a feature which some clients don't want) plus sometimes it says I've got features enabled which are disabled, etc.

View Replies!   View Related
Server Disconnect Itself At 00:00AM Sharp (CSF Firewall?)
I just changed my server firewall from APF BFD to CSF

I have this problem for 3 nights, the server will disconnect itself offline at 00:00AM midnight sharp! Has anyone experience this problem before? And How to solve this problem?

The first night went un-noticed, so I thought it was normal. The second night it happen, and I set cronjob at 0:05 to stop iptables and stop csf and restart network

5 0 * * * * service iptables stop
5 0 * * * * service csf stop
7 0 * * * * service network restart
10 0 * * * * init 6

Even after reboot at 00:10, the server refuse to online after 30 minutes.

View Replies!   View Related
Causing Cpu Exceeded Error
Now I'm looking at our last cpu_exceeded_logs file and there is long list point to "/ramdisk/bin/php5" which I don't know much about it or don't know how to deal with that. would you please tell what exactly it means and what should I do to avoid it?

Example of my last cpu_exceeded_logs file:

Quote:

Mon Jul 6 00:34:50 2009: used 0.77 seconds of cpu time for /ramdisk/bin/php5
Mon Jul 6 00:34:50 2009: used 0.50 seconds of cpu time for /ramdisk/bin/php5
Mon Jul 6 00:34:50 2009: used 0.80 seconds of cpu time for /ramdisk/bin/php5
Mon Jul 6 00:34:50 2009: used 0.55 seconds of cpu time for /ramdisk/bin/php5

I can't find the cause of problem when look at /ramdisk/bin/php5.

View Replies!   View Related
Iowait Causing High Load
In my server iowait is causing high load, how do we find out which are all users taking memory that could cause my server to use swap memory.

server : linux centos/Cpanel

I have tried the below commands, but how do we locate user specific,

ps aux --sort -vsz | head -25
vmstat 1

View Replies!   View Related
Mysql Causing High Iowait
Server is Xeon 3060, 3GB Ram, 250GB SATA-II HDD. I followed the recommendations made by mysqlprimer tuner script.

top - 11:54:33 up 237 days, 15:01, 1 user, load average: 6.06, 2.80, 1.65
Tasks: 133 total, 2 running, 131 sleeping, 0 stopped, 0 zombie
Cpu(s): 13.0% us, 4.9% sy, 0.0% ni, 24.3% id, 57.8% wa, 0.0% hi, 0.0% si
Mem: 3114144k total, 3096468k used, 17676k free, 30220k buffers
Swap: 2096440k total, 32348k used, 2064092k free, 2515412k cached

PID USER PR NI %CPU TIME+ %MEM VIRT RES SHR S COMMAND
8610 nobody 16 0 28 1:37.73 0.7 78908 20m 16m S lsphp4
10520 nobody 16 0 3 0:01.97 0.4 78788 10m 6884 S lsphp4
26474 nobody 15 0 2 15:04.07 0.4 14196 11m 3216 S lshttpd
28275 mysql 22 6 1 131:28.83 7.4 733m 224m 2700 S /usr/sbin/mysqld --basedir=/ --datadir=/var/lib/mysql --user=mysql --pi

Code:
[mysqld]
max_connections=500
max_user_connections=300
skip-locking
skip-innodb
query_cache_limit=1M
query_cache_size=64M
query_cache_type=1
interactive_timeout=60
wait_timeout=60
connect_timeout=6
thread_cache_size=128
key_buffer_size=640M
max_allowed_packet=16M
table_cache=2048
join_buffer=1M
sort_buffer=2M
record_buffer=1M
sort_buffer_size=2M
read_buffer_size=2M
safe-show-database
max_connect_errors=10
thread_concurrency=2
myisam_sort_buffer_size=64M
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
#log_slow_queries=/var/log/mysql/mysql_slow-queries.log
long_query_time=3
tmp_table_size=32M
max_heap_table_size=32M
#log-queries-not-using-indexes=/var/log/mysql/mysql_queries_no-indexes.log
join_buffer_size=2M
low_priority_updates=1
read_rnd_buffer_size=2M

[mysql.server]
user=mysql
basedir=/var/lib

[safe_mysqld]
err-log=/var/log/mysqld.log
var/lib/mysql/mysql.pid
open_files_limit=8192

[mysqldump]
quick
max_allowed_packet=16M

[mysql]
no-auto-rehash

[isamchk]
key_buffer=32M
sort_buffer=32M
read_buffer=16M
write_buffer=16M

[myisamchk]
key_buffer=32M
sort_buffer=32M
read_buffer=16M
write_buffer=16M

[mysqlhotcopy]
interactive-timeout
Whenever there are a lot of members online on my forum, the iowait shoot up, >30% and often times hovering at 60%. It'll eventually drop down to normal levels. However, during the high iowait, there are over 2.5GB of free memory according to the command, free -m

is it due to mysql not optimized or other processes? I don't think the bottleneck is on the cpu or ram.

View Replies!   View Related
Bastille Firewall Causing Mysql Connection Errors
The main function of my dedicated server is the vBulletin forum that we run.

Ever since I had bastille firewall installed and configured on my server we have been getting regular vBulletin errors.

Everything runs pretty smoothly most of the time, we can carry lots of connections without any issues, server has plenty of free RAM and CPU is never overloaded even during peak hours. I have been told bastille firewall (iptables) is configured correctly, all ports that need to be open are open.

But about twice per day we have a MySQL "disconnect" that lasts about 30-60 seconds per incident. For example we will start getting the following message via e-mail, and it will amount to 20-30 e-mails like this during the 30-60 second incident. After that, the e-mails and problems will go away, until next time.

vBulletin Database Error!
mysql_connect(): Can't connect to MySQL server on 'sql.datacolony.com' (4)
/hsphere/local/home/site/site.com/forum/includes/class_core.php on line 274
MySQL Error :
Error Number :
Date : Saturday, January 26th 2008 @ 07:53:05 PM
Script : [url]
Referrer : [url]
IP Address : 92.3.190.54
Username :
Classname : vb_database

The server is running CentOS 4.6, PHP 4.4.7, MySQL 5.0.45. The vBulletin software has been patched to the latest version. The vBulletin people are not sure why this could be happening.

Well we never believed that the firewall was causing the issue BUT it only started happening on the day the new firewall was installed. So we tried stopping the firewall for a full week and the MySQL database errors stopped happening, completely. So I'm convinced the problem is the firewall blocking MySQL connections but I can't figure out why?

There are no entries in the MySQL .err logs pertaining to this. Can't figure this out, any help or ideas is appreciated since the people who installed the firewall are not sure either.

View Replies!   View Related
MySQL ERROR, Hosting Or My Script Causing The Troubles
I hosted one aardvark topsite @ PluginSpace.com which consist of high traffics (3500+ unique visitors/day). I'm facing max_users_connection for quite number of times and I also have complain to my hosting but I still get no luck, they fix my problem for a short period and the problem appear again after some time.

I rent myself a dedicated server with 320GB Space and 3400GB Bandwith and 2GB RAM. Everytime I manage to get a lot of traffics to my topsite, maybe 100+ online users at a time, tracked by freeonlineusers[dot]com. I'll got these errors. Can anyone tell me what can I do? Can anyone tell me more about how much visitors can a normal dedicated server handle? Is it my script problem or my server problem?

(ERROR WILL POST IN NEXT POST)

can the dedicated server stand many visitors or suppose a normal dedicated server can handle so many visitors or my hosting maintenance is poor?

View Replies!   View Related
Nginx Rewrite Causing Wrong Path For PHP Script
I have a large chunk of rewrites to help clean up my url's a bit on my site.. On my local machine I am running Apache and just use an .htaccess file and normal php as a module, so no problems there..

But on my server however, I am running Nginx and running PHP as a fastcgi process. In my site's config file I have my fastcgi_param set to /home/user/html/public$fastcgi_script_name...

Well I need a way to change the value of fastcgi_script_name when I have modified (search friendly..) url's that are being rewritten. Because instead of grabbing the script name, like public/text.php?x=z it will grab public/text/post-title.html and then throw me a "No input file given." error (because there is no file there..).

How should I go about sending the true PHP script name to my fastcgi_script_name variable? It just grabs the URI of the PHP script.. what other options are there?

View Replies!   View Related
How To Find What Perl Script Is Causing High CPU Usage
How to find what Perl script is causing high CPU usage?

I logged into my CentOS box tonight and notice after viewing the output of the "top" command that there are the following lines of output that have me concerned. What command can I use to find the source of the Perl script that is causing the CPU spike?

It seems it's been running for some time too.
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
30120 apache 25 0 6908 4544 1216 R 99.8 0.2 13416:07 perl
30654 apache 25 0 8028 4508 1212 R 99.4 0.2 13417:22 perl
21273 apache 25 0 7584 4528 1200 R 98.1 0.2 2225:12 perl
20516 apache 25 0 6760 4540 1232 R 96.8 0.2 2221:30 perl

View Replies!   View Related
Does Cron Timeout?
Simply wondering, does cron timeout?

I have heard mixed reports and can't find any good info. Personally i've run a cronjob for up to 6 minutes, but as my best method was sending myself emails through php, its not exactly a highly accurate testing method.

On the same note, what would happen if one cronjob is running a php script for over 10 minutes, then another cron job starts on the same script, before the first one has finished?

View Replies!   View Related
Vps Timeout
I got my VPS a few days ago and want to get started.

I installed Webmin (with the rpm - centos 5), and it says it installed successfully and then I can login.

I typed in my domain name with the ':10000' but I get a network timeout in Firefox.

I know my DNS is right, because I have the domain name pointed to my IP address with an A record.

SSH is working fine, I can login using the domain name and not my IP address.

I tried installing Lighttpd, but still get the timeout. Replacing the domain name with the VPS IP address doesn't work either.

View Replies!   View Related
SSH Timeout
Is there a way to increase the timeout for a SSH connection when idle? Mine (on my server) seems to time out after 15-20 mins of inactivity. I'd like to increase this to like 60 mins or indefinitely.

View Replies!   View Related
CGI Timeout
When i try to login my forum after waiting alittle following error occured

Code:
CGI Timeout The specified CGI application exceeded the allowed time for processing. The server has deleted the process

View Replies!   View Related
Connection Timeout On SSH
where I can't access my terminal because my connections keep getting timed out. Its been ok previously but for the last 2 days I could not connect because the connection timed out 9/10 times. No modifications were made during this time so whats the problem guys?

View Replies!   View Related
VPS - Connection Timeout
I have a problem with my VPS. Hosting company have migrated my vps to a new and better dedicated server and now on all my sites(and IP) I got connection timeout error. I have changed "Main IP" and resolvers in HyperVM 10 minutes ago and it's not working(or I have to wait to wait like for nameservers registration?). I can ping my IP and all services(lxadmin,lighttpd etc are started successfully and its not wotking, I still getting connection timeout error.

View Replies!   View Related
Unique Apache Timeout
I have a new website that has a similar feature to tripadvisor's Reviews, where users share detailed thoughts and experiences. They fill in all this information on one form so there is no interaction with the system while they are writing.

I know Apache has the TimOut setting which is set to 5 minutes by default. This ensures that you do not have users using active memory and sessions for a long period of time.

But the problem I have seen is that some users are spending 15-20 minutes writing very detailed experiences and when they hit the submit button obviously their session has timed out and they lose everything and get a system error.

I really don't want to change the TimeOut value in Apache to 20 min due to resource constraints, but is this my only option?

View Replies!   View Related
Scripts Timeout After 60 Sec
I have a phpbb3 forum that I post sound clips for my members to download and I had a few of them tell me that sometimes the downloads truncate. I asked my host what the deal is and they told me that their scripts time out after 60 seconds and that there was no way to make it longer.

I have never heard of this before and I want to know, is that normal or standard for hosting companies? It seems weird that they would host a message board that allows attachments and their service doesn't allow enough time for people with dialup or slower connections to download files in their entirety.

View Replies!   View Related
HTTP Keapalive Timeout
I'm trying to solve an issue with certain customers timing out. In regards to the "http KeepAlive timeout" value.... When this timer expires, does the webserver have the tcp stack send a FIN? IF so, does it actually do it like at six or seven seconds?

It's actually IBM IHS in this case.

View Replies!   View Related
Why Getting Session Timeout Error In IE
I am assisting a client who is linking to an online calculator, he is putting a frame on top of the calculator page, so people will still see his information. However, for some reason he is getting a Session Timeout Error in IE.

I don't get this error in Firefox using this method, or ever going to the direct page in IE.

Let me give a better explanation:

If you visit:
[url]

Just put in a fake name and email, it loads a frame at top, and then the online calculator, which is this page:
[url]

Why I am getting a Session Timeout? Is there a better solution. I never get the same error if I go directly too:
[url]

We want a frame or better solution because we still want the contact information to be in front of the consumer.

Does this maybe have to do with a cookie and frame?

View Replies!   View Related
Timeout- After Working For Awhile
I've been experiencing some annoying issues recently, trying to troubleshoot whether it's actually my server or my ISP -

Using a HostGator standard box, php 5.2.3, optimized based on scribby's tutorial.

Basically I'll be editing my website for about 10-15 minutes, going through the admin panel and uploading files from it several times. Suddenly it will begin timing out for about 1 min or so and then it will run very sluggish/slow unless I let it "cool down" for a bit and try again later. I ran "ping -t mysite.com" while editing the site and during the timeouts and there was no packet loss. I can access other sites on the server and WHM from the IP at normal speeds during the timeouts, and other people can access the affected site fine.

View Replies!   View Related
How To Increase FTP Timeout
Is there a way to increase FTP timeouts to 60 minutes within WHM? Otherwise, how would one do it via SSH?

View Replies!   View Related
MySQL Timeout On Active Connections
unfortunately my server crashes a lot recently. What happens is that some application creates a MySQL connection which hangs and then MySQL gets overloaded and takes the whole server down.

My question:

1. How do I configure MySQL to time out even on active connections ? I.e. after 30 seconds kill the process no matter if it is still active or not. Is that possible ?

2. How do I exclude the root user from that?

View Replies!   View Related
How To Extend Session Timeout In Php
My server session timeout is around 20mins. I wish to extend it longer such as 1 or 2 hours?

How can i extend it?

View Replies!   View Related
Cpanel :: Timeout While Trying To Get Data From Service
I am facing some strange problems with one of my cPanel/WHM server.
It's a dedicated server with Quad Core processor and 4gb ram.
First i thought it was a ddos attack but now i think it's not.
I am keep getting ftpd failed emails every 5-10 mins.

ftpd failed @ Mon Jul 7 06:07:21 2008. A restart was attempted automagically.

Failure Reason: Timeout while trying to get data from service
server is extremely slow and load is over 10 for last 2 days.
it shows that httpd, mysql, ftp is up but none of our site's are loading.
1 thing i noticed when i logged into WHM is that it says WHM VPS Optimized.
Attachment 13075

I tried updating cPanel but same problems.

SSH Top: .......

View Replies!   View Related
Timeout Error Starting MySQL
I'm having a bit of trouble here with MySQL, I don't know what to do. Centos 4.3, Mysql 4.1

Data is stored in /var/lib/mysql/

I'm looking to move that information to a second hard drive soon, and did a quick test of just copying it to another place on my existing drive. It won't start.

Quote:

[root@localhost ~]# service mysqld start
Timeout error occurred trying to start MySQL Daemon.
Starting MySQL: [FAILED]

Error logs

Code:
071106 12:14:33 mysqld started
071106 12:14:33 [Warning] Can't create test file /var/lib/mysqltf/localhost.lower-test
/usr/libexec/mysqld: Can't change dir to '/var/lib/mysqltf/' (Errcode: 13)
071106 12:14:33 [ERROR] Aborting

071106 12:14:33 [Note] /usr/libexec/mysqld: Shutdown complete

071106 12:14:33 mysqld ended

071106 12:17:00 mysqld started
071106 12:17:00 [Warning] Can't create test file /var/lib/mysqltf/localhost.lower-test
/usr/libexec/mysqld: Can't change dir to '/var/lib/mysqltf/' (Errcode: 13)
071106 12:17:00 [ERROR] Aborting

071106 12:17:00 [Note] /usr/libexec/mysqld: Shutdown complete

071106 12:17:00 mysqld ended
I have tried even chmod 777ing the msyqltf folder (my copy) to no avail.

my.cnf

Code:
[mysqld]
datadir=/var/lib/mysqltf/
socket=/var/lib/mysqltf/mysql.sock
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1

[mysql.server]
user=mysql
basedir=/var/lib

[mysqld_safe]
err-log=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

I've tried moving it to different locations. I even tried moving the original folder and renaming it, and still get this problem.

View Replies!   View Related
Copyright © 2005-08 www.BigResource.com, All rights reserved