When I SSH'd into my box, I received this message:
example.pl is on this server. HTTPD connections have been limited to restrict this script from overloading server. All servers that have hosted this file need to have extremely limited http connections or have this file removed. It is poorly written and intense on CPU/memory.
How do I go and allow example.pl to be run on my server again? I use it solely for personal sites, so I wish to not have this file blocked and be allowed to run. I've searched for almost an hour now so I figured I would go ahead and post to see if any more experienced members could assist.
I signed up for a hosted account with gator and I don't understand something. They tell me it's a policy change for security reasons but the simultaneous SSH connections has been limited to 2. That's just nuts. Is there a real reason why someone would limit this? i need two for editors, one for shell and one for mysql. Minimum of 4. What security concern could cause them to pick 2 as the number?
I just don't get it.
Here's what they said to me.
info: Please wait for a HostGator operator to respond.
Channel Sanderson: Hi. We're working on our website and have run into a small snag. It seems we can only have two open SSH connections at a time this week. We were able to open more a couple weeks ago. Is this something that you can change?
Kella J.: Ok, the issue is.. You are only alllowed 2, no matter what.. Channel Sanderson: I believe we are not understanding each other. We're not trying to connect 10 times in a minute. We just need more connections. 2 is insufficient. We need a minimum of 4 simultaneous connections to our server.
Kella J.: I am sorry, I checked with my admin.. he said there is only a limit of 2, period..
Channel Sanderson: This is an unnecessary limitation in my view and badly limits my ability to do what I need to do.
As you can see.. there are LOT of connections, checked the network traffic with the NOC, and there is no attack to this server, also, load average is just fine ( fine to handle thos 24000 connections ) :
one of my friend say that if i install an apache module which one limit the users conection can help me to protect from ddos.
becaus one of my users domain is under ddos and i think that if i limit his conection, if sombody wants to do ddos and open conection foraxample up 30 he is attacker and ban.
is it right and how i can do it and limit a one user?
How is this done? from what I gether, there's nothing built into apache which can do this which I personally think is a bit silly as it seems like a common thing. Can anyone offer any help (for apache 2).
I have a powerful 8 core 8gb ram web server with scsi raid drives running RedHat EL 4. This server handles 2,000 - 3,000 HTTP requests per second via Litespeed httpd without strain (over 60%+ CPU idle time during peak load, under 1% IO wait). As the traffic volume continues to increase I've encountered a strange problem, the symptoms of which are as follows:
- About 1/4 or 1/3 of new connections are not answered by the server - they time out.
- All connections that are answered have exactly 3 seconds added to the time it takes to establish connection with the server (can be seen as "Connecting to ..." phase in FireFox). HTTP response times were tested by Pingdom from multiple locations all over the world.
- The problem is either "on" or "off", it is not gradual.
- Server ping is unaffected during the problem - no delay and no packet drops.
- The problem does not happen during off-peak hours of the day.
If litespeed httpd settings are tweaked to keep as many connections as possible in keepalive state for as long as possible, the problem is avoided, while tens of thousands of connections are kept in keepalive state.
Possible causes that were tested and eliminated: PHP/MySQL load (problem applies to static files exactly the same), CPU / IO / RAM, network uplink, hardware firewall, DNS.
This makes me think that there is some kind of bottleneck of how many NEW connections per second the server can accept. By maxing out keepalive quantity and duration I'm reducing the number of new connections per second. This is a temporary fix that will only work up to a certain point.
After investigation, litespeed staff verified that my litespeed configuration was correct and after some testing said that nothing in litespeed was responsible for this limiting factor. Litespeed process uses relatively little CPU and can definitely handle more volume.
Following sysctl.conf values were increased substantially to see if that will make a difference: tcp_max_syn_backlog, tcp_max_tw_buckets, tcp_max_orphans, netdev_max_backlog, somaxconn, file-max. This didn't produce any results. Disabling syncookies didn't help either. dmesg doesn't have any notices of limits being hit or throttles being applied.
Litespeed staff suggests that likely some limit in linux kernel is being reached. The strange 3 second delay does seem like an "intelligent" DDOS protection strategy of some sort. Perhaps this is some kind of kernel level DDOS protection?
I've been having trouble the past few days with someone who's been "attacking" my site so to speak by continuously downloading very large files with as many connections as (he) can open. I operate a large downloads site for computer games, this person has selected the largest files (like 400-500MB). Not sure of the real intent other than to clog up my bandwidth capacity. Also he appears to be using proxies since as soon as I ban one, another shows up seeminly from China.
Anyway, I have mod_bw and I've limited the number of connections in the downloads area to 2. While that works ok, his tool uses threads like a download manager would and he's using up 30-40 child threads for his 2 file downloads.
So 2 questions,
Is there anyway to not only limit file downloads to 2, but limit the number of connections per request? Many of my visitors do use download managers and I'd like for them to continue using them but use a reasonable number of threads like 6 or 8, but not 30.
Also, is there a way to restrict access to someone using a proxy?
(1) domain1.com limit to 10 connections per IP per 30 seconds but allow if accessing file beginning with x.php such as x.php?981 x.php?o19
(2) domain2.com limit to 10 connections per IP per 30 seconds only if accessing file beginning with x.php but allow if accessing file beginning with y.php y.php?981 y.php?o19 .....
im trying to remotely install WS2003 EE R2 on a dedicated server I have purchased and have an issue. I'm installing it via KVM IP which is cool
however, after installing the network card drivers, I get a "There is no or limited connectivity" etc... so I cannot access the internet or anything on that box.
what do I do from here? how can I make the card work? It is configured to obtain the IP Address automatically as well as using the default DNS. I do have 2 IP Addresses "assigned" to me/my account but dont believe I need to configure them in WS2003?
We have a developer doing some work for us and only want to allow them FTP access to the directory they are working on. How can this be accomplished? I am not sure how to limit ftp access to certain directories?
I'm reading a lot of negative experiences here, and of course positive ones as well. When I was looking for a new company to host my website, I had some clear 'demands'.
I'll explain first, I am a player of the MMO EvE online [url] and I'm the CEO of a corporation in that game. For our corporation I wanted to create a portal from which to host all our out of game content. That content includes the usual forum, a killboard, a so called POS tracker, to keep track of fuel levels in our stations, a Shoutcast radio station to provide us with some added entertainment during our gaming, a webmail application to keep in touch with each other and last but not least a teamspeak server so we can chat.
Because it's quite a bit of stuff that I needed hosted and the bandwith some of it swallows up, especially the Shoutcast station that was something I had to look for. I was referred by one of our members to a UK company called FragSwitch Limited [url]. They've got several packages to choose from. I picked their "HARD" package that gives me 5Gb of webspace and 50Gb of traffic, plenty to suit our every need. It's a unlimited package where I can have as many of whatever I want, including e-mail addresses and subdomains. I like cPanel, so any host that uses it gets a plus from me anyway.
I've had my site hosted with them for 3 months now and haven't experienced any downtime, and since the server park is in the UK, lines to at least my country are short and fast, though I haven't heard any of our US based members complain.
So perhaps if you are looking for a complete host, you might wanna look them up, I give them a big thumbs up at least! They may not be the cheapest host out there, but they don't have to be, the service I got when I needed help to set up both my shoutcast and teamspeak servers was excellent and fast and that counts for much more to me.
Just wondering if anyone facing same problem like me on VPS.
i have a VPS which has 512 MB memory.
i'm hosting few sites on this VPS, and it does not allow more than 100 connection at a time. when i check apache it shows 100 connection, when i try to visit my site i cant.
So, is there any way i can make it more connection at a time?
Hydrya Host they are claiming they are a limited company. I have searched company house and no results show from there name. Anyone else seen this? I am in no connection but just saw there claiming it on the WHT signature.
I've always used German hosts because they are much cheaper than my homeland Greek alternatives, the latency (70ms Germany vs 30ms Greece) is bearable.
Until recently I used Strato single cpu dedicated servers, which allowed me 2000gb at 100mb/s. Although I came close, I never actually reached that 2000gb allocation.
Ever since moving to 1und1 (to a quad core) the server's speed difference has attracted more visitors and pageviews. Now my bandwidth usage has gone to 3000gb per month and at peak it requires 20-30mb/s.
The problem is that 1und1 limits you to 10mb/s if you go over 1000gb, and then requires 'resetting' it every 250gb in order to get back to 100mb/s speed.
Does anyone know of a european host that offers truly unlimited bandwidth? Every time I hit the 10mb/s limit, my pageviews go down, users leave the site.
I've contemplated writing a simple heartbeat script that polls the control panel every 5 minutes and checks if the limit has been crossed, at which it will automatically reset it for me.
Last week, we received a letter [url] from Companies House (the UK entity which governs companies).
It was addressed to Exoware, with all the correct contact details, reminding me to submit statutory documents by a certain date or face a fine and/or prosecution. It was sent to us, because apparently, Exoware is a director of Jarhosts limited. This is not true. We have never even heard of Jarhosts limited up to this point, but it appears they had ceased trading by the time we received the letter.
A few emails were exchanged between us and Companies House, which didn't really get us anywhere as they couldn't seem to understand our position, so I phoned them up myself. I got through to someone and explained our position and she informed me about the company and said they registered Exoware as a director of Jarhosts limited on 05/12/08 and they themselves promptly resigned from the company afterwards, so Exoware was the only remaining director.
After I declared that Exoware had no affiliation whatsoever with Jarhosts limited, she promptly forwarded the case to a department for dealing with fraudulent documents and said the company will dissolve soon and that we may hear from Companies House fraud department in the future.
So, my concerns are now at ease, but my curiosity still remains.
Does anybody know Jarhosts; how long they were around for, who they were owned by, or any relevant information about them? Or does anybody know of any reason that people would sign up a random business in the same industry as a director before bailing out of their own company? It all seems very obscure.
I am using their RVPS-3 plan (30$/mo, 1024 MB RAM, 40 GB drive, 500GB BW) and I am pretty unhappy about the connection and response speeds of their servers - especially during traffic peaks in the US. The server is sometimes so slow that I have to wait 5-10 seconds for a simple HTML page to load. :/
However the hardware itself works fine and for the money is IMO a very good deal. Also tech support is fine, I've had 3 requests so far and all were solved almost immediately (<20 mins). Although during the setup stage they changed the OS WITHOUT letting me know due to installation of an admin panel. They quickly changed it back when I asked them, but it's pretty strange anyway.
It really is a pity that the connection speed is so bad, because other than that I couldn't say a bad word about them. Now I have to consider moving somewhere else...
I was looking at the offer section and I found that there is limited choices for providers that is on the west coast. I am just looking for simple and cheap server to run on directadmin for my adult site but I can't seem to be able to find one. Anyone knows of any decent providers in the west?
I used to create a user by using /usr/sbin/sysinstall in freebsd, but how do i limit that user so he can't view important files (like: dhcpd.conf, rc.conf....) or can't do such as command pico, nano, vi ...etc?
All i want is that user can log in to my freebsd box and then he will ssh to other local servers, I just want my freebsd box is a bridge/gate for him to ssh to local servers which behind that freebsd box. Is it possible ?Thanks.
I know that i have to create a group with has only ssh permission but how do i do that?
I am having trouble working out which host to choose for a new project.
I usually opt for Webmania or Heart Internet - they are excellent providers but Webmania now applies a bandwidth cap that may be too low and Heart's cheapest package does not provide sub-domains. I can't be sure whether 12GB will be big enough for a site that will contain galleries of high-res images (I have no prior experience with caps and traffic predictions are impossible at this time) and to get sub-domains from Heart means a £90 per year package (too much).
Streamline is one of the few good-value providers that do not cap bandwidth, but I have concerns about the effect that this may have on server speed given that it is bound to attract the kind of sites that are really heavy on bandwidth. This point was mentioned in an article recently.
If I take the last option, will I be hampering the performance of my site?
