The server runs gallery2, how many connections does an IP need just to browse the gallery? I'd like to block wget etc, but don't want to hurt search engine optimization (SEO). Is there a compromise, like limiting IPs to 5 connections, so the site still gets crawled, just slower?
DDoS deflate is installed: [url], which permabans IPs with 150+ connections.
Also what are the commands to block and unblock these IPs,
I tried to update a plugin on my blog (it's a WordPress blog). As soon as the update started, that site on the server stopped working (later on I closed the upgrade window); after a few minutes the website started working again automatically. Now, in my opinion, the update process is still running in the background, and that's why connections are continuously being created to that website's IP.
[root@server ~]# netstat -alpn | grep :80 | awk '{print $4}' | cut -d: -f1 |sort |uniq -c
1001 serverIPhere
It's even touching 1500. I tried to contact my server support, but unfortunately they can investigate the issue; instead they told me to check with the following command.
which is not an answer to my question. Can anybody please tell me why those connections are being made to that website's IP? I don't think it's a DDoS attack, because it only started when I updated the plugin.
How many simultaneous connections to a site do a lot of web hosting companies usually allow with shared hosting packages? I was wondering because some companies say pay $$ a month, get 300gb of bandwidth a month. Can they limit the bandwidth by limiting your simultaneous connections? I am asking because I just found out my host only allows 50 per hosting package that is on a shared server. To me that seems to be very little.
WARNING: One or more of your DNS servers does not accept TCP connections. Although rarely used, TCP connections are occasionally used instead of UDP connections. When firewalls block the TCP DNS connections, it can cause hard-to-diagnose problems. The problem servers are:
Error [No response to TCP packets].
APF is installed on the server, how do I allow TCP DNS connections? I already added port 53 to ingress/egress for TCP and UDP.
My server started lagging up, and I processed my configserver firewall logs and found tons of TCP out connections. How can I track down which user was making these connections, if possible?
I have a VPS and I'm currently using lighttpd, but I want to move to LiteSpeed Standard. I see they limit Max Concurrent Connections = 150 on the Standard version.
But what is Max Concurrent Connections? Where can I find it?
And is it the number of connections via port 80 (netstat -nt | grep :80 | wc -l)?
Has anyone worked with the cable companies on internet connections for hosting? Eg. Comcast, TW.
I worked with a sales rep for Comcast a few years ago on a solution for our offices. He worked out a line that would give us 3+mbits up speed for less than the price of a T1.
It also included a dedicated line to our offices. Would using a cable line be a bad idea for a hosting connection?
I signed up for a hosted account with gator and I don't understand something. They tell me it's a policy change for security reasons, but simultaneous SSH connections have been limited to 2. That's just nuts. Is there a real reason why someone would limit this? I need two for editors, one for shell and one for mysql. Minimum of 4. What security concern could cause them to pick 2 as the number?
I just don't get it.
Here's what they said to me.
info: Please wait for a HostGator operator to respond.
Channel Sanderson: Hi. We're working on our website and have run into a small snag. It seems we can only have two open SSH connections at a time this week. We were able to open more a couple weeks ago. Is this something that you can change?
Kella J.: Ok, the issue is.. You are only allowed 2, no matter what..
Channel Sanderson: I believe we are not understanding each other. We're not trying to connect 10 times in a minute. We just need more connections. 2 is insufficient. We need a minimum of 4 simultaneous connections to our server.
Kella J.: I am sorry, I checked with my admin.. he said there is only a limit of 2, period..
Channel Sanderson: This is an unnecessary limitation in my view and badly limits my ability to do what I need to do.
Just logged in to my cPanel, and Apache Server Status shows:
Parent Server Generation: 7
Server uptime: 2 hours 52 minutes 5 seconds
Total accesses: 701666 - Total Traffic: 63.7 GB
CPU Usage: u1610.22 s255.4 cu0 cs0 - 18.1% CPU load
68 requests/sec - 6.3 MB/second - 95.2 kB/request
400 requests currently being processed, 0 idle workers
I told customer service that my website (a big forum) has 4000 people on it now and feels very slow, and asked whether the slowness could be caused by this max Apache connection setting.
I got this reply: "400 seems to be as high as Apache can go. Your httpd.conf settings currently show 500 max connections enabled. If Apache is stopping at 400 then this is its hard limit for maximum connections. Also, if it was able to go even higher you would eventually run into memory issues on the server that would cause the server to crash."
Can anyone tell me if "400 requests currently being processed, 0 idle workers" is a problem, or could it be the cause of the slowness? I imagine that if more people request connections and Apache can't deal with that many, it has to let those requests wait in the queue, which causes slowness or time-outs.
The same server could deal with 8000 people online before, with no problem at all, and speed was quite fast. I don't know what I should do now.
I've had a problem a couple of times where there is a bad ftp connection to a host. A trace reveals that there is a node timing out. What is a good way to work around this? Web based ftp client or other solution?
My PHP application is starting to reach the max mysql server user connections limit (currently set to 60). I listed the mysql process list in phpmyadmin and found a lot of queries there with status "LOCKED". These hang there for a long time (not always, just sometimes, twice a day) and then the connection limit is reached. It causes a load average of about 40 for as long as 10 - 20 minutes.
I think it may be because of query structure. There are some queries with many inner joins...
Here is typical situation from phpmyadmin's process list:
1. select ... from table_1 inner join table_2 inner join table_3 inner join table_4 inner join table_5
This shows status: "Copying to tmp table" in phpmyadmin
2. update table_2 set ....
This shows status: Locked
3. select ... from table_2
This shows status: Locked
It seems that when the temp table is being created, table_2 is locked and the update to table_2 cannot be made. Or maybe it's locked because of just that update on table_2.
I want to avoid creating temp tables... Can it help if I make separate selects without large table joins?
My site is hosted on Dreamhost and gets over 1 million hits a day. The site is highly optimized, so it can handle the load easily without slowing the server down. Most pages have a loading time of under 0.2 seconds.
However, Dreamhost is telling me now that I'm using up too many "connections" and have limited my connections to 150 every 3 seconds (or so they say). Now 503 errors are coming up left and right, and it's highly annoying to me and my users. Oh, and Dreamhost has mentioned several times that I'm oh such a very good candidate to upgrade to $400/mo dedicated hosting (from $8/mo currently).
So my question is, is this connection restriction really a valid concern of Dreamhost or are they just trying to milk me for money because my site is popular?
I currently have two 30/10 MB connections and I am hosting an MMO gaming server on one of them. I have seen some topics on some forums but never really had the need to do this, but now, since I am getting quite a few users, it would be best for me to start looking for a way to upgrade my connection. This is the fastest connection in my area. Anyway, I remember hearing about a router that could combine two connections, and I was wondering whether this could work for hosting a gaming server. I think I remember someone saying that I could set up a domain to route the server to connect to both the IPs, allowing twice the amount of people to connect to the server without (connection) lag. I was wondering if this is true.
And if someone would link me to your unrecommended hardware that would be great.
Does that look normal to you? Because I read somewhere that you should allow no more than 30 connections per IP. But most are taking much more than that.
I'm currently using MySQL 4.1.12 for Windows 2003, and I need to know how many possible connections MySQL can achieve. I'm currently around 650. I'm bringing 4 new servers online, and that will bring my total concurrent connections to 1000+.
I currently have a dedicated server with the following specs:
Celeron 2.6ghz
2gb ram
100mbit connection
The CPU load is always under 0.7, and I always have at least 400mb of free ram.
The site takes about 5-10 seconds to load a test page with just a single word on it. When I type netstat -n | grep :80 | wc -l I get around 1100-1200 connections. I get about 130k page views per day.
My site is about 95% static html, it has about 150 images per page. How can I speed up my site?
Here are my apache httpd.conf settings:
Timeout - 100
KeepAlive - on
KeepAliveTimeout - 12
StartServers - 48
MinSpareServers - 32
MaxSpareServers - 64
MaxClients - 1500
MaxRequestsPerChild - 1000000
I've still got a problem with my colocated server.
Specs:
Intel Core 2 Q6600
2x2048MB DDRII PC5300 ECC (CL5.0)
2x250GB Seagate 7200RPM 16MB Cache
Asus P5M2-M/C i3000 (NIC: broadcom NetXtreme 5721)
Asus ASMB3 IPMI2.0
Windows 2003 Ent R2
Now, the issue is something with my network card (I think).
Whenever I use Virtual Server R2 or VMWare to bridge the connection of a VM to the physical network to assign an own IP to it, it simply doesn't work.
Host and guest (tried Vista/XP/Server 2003/CentOS/Fedora) can ping each other, but they can't get any further.
Now I've been googling, and there seems to be some sort of a problem/bug with these network cards and bridged connections, but I didn't find a solution for this.
I've updated its network driver (if right-clicking the .inf and clicking install was enough) with no result.
This problem might be related to phpBB 3.RC1, but I somewhat find that hard to believe. The story:
Two days ago I upgraded our phpBB 2.0.22 forum to 3.0.RC1.
Since the update I have experienced some weirdness on the server. I have a script that, amongst other things, prints out how many active connections there are to the server at any time. This value has always been between 50 (nighttime) and 300 (80-100 users on the forum). But since the update, occasionally the number of connections climbs well above 800, the DDoS protection gets alarmed, and I get an email saying the IP address xx.xx.xx.xx was banned.
Soo... Today the alarms went off again, and this time I checked the IP address against the forum's online users list, and it turned out it was a forum user, and I knew him. I called him up on the phone and asked what had happened.
To make a long story short:
1. Server behaves normally
2. User x opens a browser, goes to the forum, and starts browsing categories.
3. For each click the user makes, the server gets 100 more open connections.
4. User x says that for each click he makes, the forum grinds even closer to a halt.
While this is happening, other users are browsing the forum just fine, with no performance problems.
5. User x reaches 800+ open connections to the server, and is locked out.
I've checked with netstat, and all hanging connections from the ip in question are flagged SYN_RECV.
This happens not only to this user, but also a couple of others. Not many though.
Is it possible that phpBB3 never closes connections for some users? Pages never load completely, or would this have to be a client problem?
Any other reasons why so many SYN_RECV connections accumulate?
Someone attacked my server yesterday with a script or something. I ran # netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1 and it showed me that one client made more than 500 connections to port 80, causing a load higher than 50. I disabled thread and content viewing for guests on my vbulletin forum, and the load went back to 1.5. I analyzed the apache logfile, but it doesn't show any suspicious activity for that client.
How did he manage to make more than 350 connections to my server? With a script or something? I've APF firewall installed in monolithic kernel mode with the standard rules.
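Added example, not part of any post above: the netstat one-liners in these posts differ in which column they count (`$4` is the local address, which is why one post sees only the server's own IP; `$5` is the remote peer), and none of them separates half-open SYN_RECV sockets from established ones. The sketch below counts sockets per remote IP and TCP state for one local port; the function names are hypothetical and the sample input is constructed from documentation address ranges.

```shell
#!/bin/sh
# Added example (function names are hypothetical, sample data is constructed).
# Reads `netstat -ant` style lines: Proto Recv-Q Send-Q Local Foreign State.

# conn_summary PORT: print "count remote_ip state", busiest first.
conn_summary() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && NF >= 6 {
            laddr = $4; remote = $5; state = $6
            # Match on the LOCAL port only. "grep :80" also matches :8080
            # and outbound sockets whose remote port is 80.
            n = split(laddr, parts, ":")
            if (parts[n] != port || state == "LISTEN") next
            sub(/:[0-9]+$/, "", remote)   # drop the remote port
            sub(/^::ffff:/, "", remote)   # unwrap IPv4-mapped IPv6
            count[remote " " state]++
        }
        END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2,2 -k3,3
}

# over_limit PORT STATE LIMIT: remote IPs with more than LIMIT sockets in STATE.
over_limit() {
    conn_summary "$1" |
        awk -v st="$2" -v lim="$3" '$3 == st && $1 > lim { print $2 }'
}

# Constructed sample input (documentation address ranges).
sample_netstat() {
    cat <<'EOF'
tcp        0      0 0.0.0.0:80          0.0.0.0:*            LISTEN
tcp        0      0 192.0.2.10:80       198.51.100.7:51001   SYN_RECV
tcp        0      0 192.0.2.10:80       198.51.100.7:51002   SYN_RECV
tcp        0      0 192.0.2.10:80       198.51.100.7:51003   SYN_RECV
tcp        0      0 192.0.2.10:80       198.51.100.7:51004   ESTABLISHED
tcp        0      0 192.0.2.10:80       203.0.113.5:40000    ESTABLISHED
tcp        0      0 192.0.2.10:80       203.0.113.5:40001    TIME_WAIT
tcp        0      0 192.0.2.10:8080     203.0.113.5:40002    ESTABLISHED
tcp        0      0 192.0.2.10:33000    203.0.113.9:80       ESTABLISHED
tcp6       0      0 ::ffff:192.0.2.10:80 ::ffff:203.0.113.5:40003 ESTABLISHED
EOF
}

sample_netstat | conn_summary 80
```

On a live host, feed it `netstat -ant | conn_summary 80`; a per-state view shows whether a high count is many real requests or a pile of half-open handshakes before any ban threshold is tuned.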
I now have to move on to the question of Ethernet ports in relation to rack mount servers. I have just about every question answered now. Now my question is about the connection to the web my server will use. Is it better to have a single or a dual Ethernet port?
I see a lot of duals. Here are some of the samples I have read when building my server:
2 x Intel® 82546GB Gigabit Ethernet Ports
Dual Onboard Gigabit Ethernet LAN Ports
Dual Intel® 82541GI Single-port Gigabit Ethernet Controller
Broadcom dual Gb NICs
Intel dual Gb NICs
Broadcom BCM5754, 10/100/1000Mbps
I have a virtuozzo VPS with CSF. People can't connect to ftp because the firewall is conflicting with iptables. I looked at the csf guide:
[url]
To correct it, the ftp issues section states:
Quote:
For example, with pure-ftpd you could add the port range 30000:35000 to TCP_IN and add the following line to /etc/pure-ftpd.conf and then restart pure-ftpd:
PassivePortRange 30000 35000
Where is pure-ftpd.conf? Do I have to install it or something?