Traffic Spikes And Perl Processes - Security Issue
Oct 28, 2009
I admit I know nothing when it comes to servers. Yet I do have a root server and I noticed that there are some days when the traffic spikes up to 20 times the average and when I login via ssh I see many perl processes. I don't know what those are since I don't use any perl scripts on my web site. Is this a potential or maybe an ongoing security issue?
View 2 Replies
ADVERTISEMENT
Sep 16, 2007
I am currently moving from my current dedicated servers because they simply cannot handle the load. I have a site which frequently makes it onto radio, digg and other similar sites.
I need a dedicated server that can take a beating from Digg and offline Media. For most of the month the server load is really low, the site hardly uses up anything. However, when it hits those sites, it suffers.
I am OK with using Shell, just basic tars/logs/sqldumping/httpd.conf editing/rebooting etc.. anything beyond that like installing and configuring software I cant really do.
I guess I am looking at a dedicated option (linux based) with a host that'll setup software/modules modules for me when I ask, but doesn't really need to hold my hand all the time.
How are ThePlanet.com's servers? Do they manage the servers?
View 14 Replies
View Related
Jan 27, 2007
ive been trying to install it for about 3 hours and ive finally got it working. now, how do i configure it to be nice and secure?
first thing is that i want to restrict which paths people can use in scripts. my site needs to access any paths but site users can only access their own directories. i want the exact same thing as in this thread but with perl instead of php
how do i block certain functions and which ones do i block? i heard perl and php are very similar so im guessing i want to block similar functions to the ones listed here
View 3 Replies
View Related
Jun 29, 2008
A client hacked another client of mine using the following Perl code:
#!/usr/bin/perl
symlink ("/home/john/public_html/config.php","/home/carole/public_html/forums/includes/config.php");
After the hacker got the DB name, username and password it's very easy to change anything in the forum using PHP.
I'm using cPanel.
View 1 Replies
View Related
Jul 9, 2009
How can I better monitor and trace down I/O spikes? I've noticed the wait hit 60% every now and again... could someone be running a rapidleech script and if so, how can i find it?
View 2 Replies
View Related
Oct 13, 2007
Ive had a server for a while now, and had a backup hdd installed recently.
There seems to be CPU spikes happening from time to time up to 35%
Usually it sits on 0.17 - 0.80
But suddenly its been jumping around.
I have no idea where its coming from, as I cant check it in time.
Its a new problem thats just come up, and Im not so sure what it may be, as I havent got any new accounts on it.
I do get bounced emails from mailman for some reason, and mail queue is usually large, but server was generally cleaned up from it being abused.
View 4 Replies
View Related
Jan 15, 2007
Everything was running ok until last week.
I haven't really done anything new other then added another forum on the server (Invision).
Basically the problem is the random spikes I get. The main forum that is running on the server haven't really increased in terms of sim connections. Its usually around 180 - 220 during peak times.
On TOP there is usually around 250 tasks. When this thing started happening it would spikes to 500+ tasks which totally kills the server. Its pretty random also. Sometimes it'll go fine for a few hours and then suddenly climbed slowly up and then the server dies. For now its going to crash whenever I let apache run for an hour or so.
The only way I can restore is to restart apache. It has come to the point where I've had to put in restart apache in the cronjob list. Restart it every few minutes since I'm not always here watching over it. This is obviously a shortterm solution to keep the forum up while I troubleshoot this.
Here's a screenshot when it was just about dead
http://img392.imageshack.us/my.php?image=serverwf0.jpg
I checked out the logs and didn't see anything.
I was either told it needed more ram or that it was hacked.
The JRE is the flashchat I'm running and the trans_linux is a bot for the shoutcast.
Since I haven't been doing anything new.. I don't think its the resources of the server thats too little.
The server i have is
Dual Opteron 252
2 gigs of ram
1 146GB 15,000RPM scsi drive
how I can resolve it? Is Apache using more memory then its suppose to?
View 12 Replies
View Related
May 4, 2007
We've had a VPS for just over a month now. I am not going to mention the host by name (yet) but they advertise here and other people here reported liking them.
Sadly it's not my experience and I regret my purchase.
Every morning for the past few weeks, we get load spikes every 30 minutes that make our site unusable for a minute (on our VPS, any load over 1.0 is sluggish, over 2.0 is virtually unusable, over 3 is unresponsive)
Here's a series of days as an example:
[url]
The worst part about this is the host insists 1. either it's not happening or 2. they can't find it
I know it's happening because when I try to load a page on the half-hour, it takes over 13 seconds (less than 1 second normally). And it's fairly obvious it's someone doing a cron job with some nasty downloading, uploading, or maybe a massive mysql update.
Someone tell me what to tell them because this is driving me out of my mind. The load is NOT being caused by ourselves, I've made sure all our cron jobs don't happen on the exact half hour and we get lots of traffic later in the day without loads.
View 14 Replies
View Related
Nov 15, 2007
What traffic monitor would everyone recommend for sites that have as many as 5,000 to 10,000 hits an hour?
View 8 Replies
View Related
Apr 4, 2008
I run a web hosting company and one of my servers is a LAMP server running CentOs 5. A user of mine has a Joomla installation running to manage his website and he has run into the following problem that I am puzzled by.
When Joomla adds a component or module to itself, or when a user uses the Joomla upload functionality, Joomla will add the new files under the user name "apache". This makes sense as it is the apache service running PHP that is actually creating the files.
However, when he FTP's into the account to modify these files, he doesn't have the appropriate permissions to do so as he doesn't have a root level login, just permissions on his home directory which is the site. Any help would be much appreciated.
Also, does anyone know how to change the owner/group of a directory and all of its sub directories in Linux without changing the actual permissions? I.e. some of the files in the folder have different permissions (0644 as apposed to 0755) than its parent but if I do a top down user/group change on the folder it will change everything in that folder to 0755.
View 10 Replies
View Related
Aug 6, 2007
ps x
Quote:
7992 ? S 0:08 [cifsd]
26898 ? S 0:00 [cifsoplockd]
26899 ? S 0:00 [cifsdnotifyd]
What are those processes?
View 2 Replies
View Related
Oct 23, 2006
anybody here have a review or a way to trace proccess from scratch after top -c or ps -aux
how i got the exact file or user cause this process ....
View 13 Replies
View Related
Jul 10, 2009
I just recently switched to using fcgid with cPanel and was wondering how I can go about seeing what is actually running under each process. Before when I was running PHP as CGI I could do psauxwe|grep PID and see all the environmental variables along with the path. I'm not able to do that any longer with fcgid. Is there anyway to get this info now?
View 2 Replies
View Related
Jun 6, 2009
rpc 1749 1 0 04:15 ? 00:00:00 rpcbind
dbus 1766 1 0 04:15 ? 00:00:00 dbus-daemon --system
root 1790 1 0 04:15 ? 00:00:00 /usr/sbin/acpid
68 1798 1 0 04:15 ? 00:00:00 hald
root 1801 1 0 04:15 ? 00:00:00 /usr/sbin/console-kit-daemon
root 1802 1798 0 04:15 ? 00:00:00 hald-runner
root 1898 1802 0 04:15 ? 00:00:00 hald-addon-input: Listening on /dev/input/event1 /dev/input/event0
68 1939 1802 0 04:15 ? 00:00:00 hald-addon-acpi: listening on acpid socket /var/run/acpid.socket
just wondering if i really need them...
View 2 Replies
View Related
Nov 27, 2008
Well one of my servers has been under a DDoS attack for a while and I've been doing things to keep it down but there is a suspicious process that keeps running and I am guessing that is whats keeping the server load up because when I stop apache the load goes down but not for long.
The process is this:
Code:
/opt/adobe/fms/fmscore -adaptor _defaultRoot_ -vhost _defaultVHost_ -app registry -inst registry -tag -conf /opt/adobe/fms/conf/Server.xml -name _defaultRoot_:_defaultVHost_:registry:registry:
Does anyone know what this process is or how to block it?
View 9 Replies
View Related
Jul 11, 2008
I've found I've got tons of processes "sleeping" on my server, how do I view what processes are sleeping? Is there a command I can run that lists all sleeping (only) processes?
View 4 Replies
View Related
Feb 12, 2008
Got some processes that regularly eat up my cpu resources:
%CPU 36.0netstat -plan
%CPU 36.0 /usr/local/apache/bin/httpd -k start -DSSL
%CPU 6.2httpd [truncurl.com] [/leisha?.jpg]
Note leisha.jpg does not even exist!!
%CPU 7.0 /usr/local/bin/python2.4 -S /usr/local/cpanel/3rdparty/mailman/cron/disabled
Something is going seriously wrong with my server,
what can I do ?
My server is frequently down because of kmemsize errors and I'm sure something is misconfigured.
Will try to disable mailman now, pretty strange to find that in my log.
urrent Time: Tuesday, 12-Feb-2008 04:38:22 PST
Restart Time: Tuesday, 12-Feb-2008 04:11:28 PST
Parent Server Generation: 0
Server uptime: 26 minutes 53 seconds
Total accesses: 16026 - Total Traffic: 14.8 MB
CPU Usage: u1.97 s1.55 cu0 cs0 - .218% CPU load
9.94 requests/sec - 9.4 kB/second - 971 B/request
46 requests currently being processed, 20 idle workers ....
View 3 Replies
View Related
Feb 1, 2008
How do I get a list of just the sleeping processes on a Red Hat server?
View 4 Replies
View Related
Aug 18, 2007
Kernel Version(uname -r):
2.6.9-42.ELsmp
Hardware Information:
Intel C2D E6400
2GB DDRAM Memory
120GB EIDE Hard Drive
Software Version(if it is a specific peice of software causing problems)
IPB Forum Software
Control Panel(if any)
Plesk
A "ps -auxf" and/or a "top"(if possible)
Code:
[root@server ~]# ps -auxf
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.3/FAQ
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 1892 384 ? S 19:42 0:00 init [3]
root 2 0.0 0.0 0 0 ? S 19:42 0:00 [migration/0]
root 3 0.0 0.0 0 0 ? SN 19:42 0:00 [ksoftirqd/0]
root 4 0.0 0.0 0 0 ? S 19:42 0:00 [migration/1]
root 5 0.0 0.0 0 0 ? SN 19:42 0:00 [ksoftirqd/1]
root 6 0.0 0.0 0 0 ? S< 19:42 0:00 [events/0]
root 8 0.0 0.0 0 0 ? S< 19:42 0:00 \_ [khelper]
root 9 0.0 0.0 0 0 ? S< 19:42 0:00 \_ [kacpid]
root 31 0.0 0.0 0 0 ? S< 19:42 0:00 \_ [kblockd/0]
root 32 0.0 0.0 0 0 ? S< 19:42 0:00 \_ [kblockd/1]
root 53 0.0 0.0 0 0 ? S< 19:42 0:00 \_ [aio/0]
root 54 0.0 0.0 0 0 ? S< 19:42 0:00 \_ [aio/1]
root 1858 0.0 0.0 0 0 ? S< 19:43 0:00 \_ [kauditd]
root 5022 0.0 0.0 0 0 ? S 19:52 0:00 \_ [pdflush]
root 7 0.0 0.0 0 0 ? S< 19:42 0:00 [events/1]
root 311 0.0 0.0 0 0 ? S< 19:42 0:00 \_ [ata/0]
root 312 0.0 0.0 0 0 ? S< 19:42 0:00 \_ [ata/1]
root 334 0.0 0.0 0 0 ? S< 19:42 0:00 \_ [kmirrord]
root 5021 0.0 0.0 0 0 ? S 19:52 0:00 \_ [pdflush]
root 33 0.0 0.0 0 0 ? S 19:42 0:00 [khubd]
root 52 0.6 0.0 0 0 ? S 19:42 0:54 [kswapd0]
root 200 0.0 0.0 0 0 ? S 19:42 0:00 [kseriod]
root 316 0.0 0.0 0 0 ? S 19:42 0:00 [scsi_eh_0]
root 317 0.0 0.0 0 0 ? S 19:42 0:00 [scsi_eh_1]
root 346 0.0 0.0 0 0 ? S 19:42 0:01 [kjournald]
root 1427 0.0 0.0 2576 296 ? S<s 19:43 0:00 udevd
root 1931 0.0 0.0 0 0 ? S 19:43 0:00 [kjournald]
root 2525 0.0 0.0 3400 256 ? Ss 19:43 0:00 cpuspeed -d -n
root 2526 0.0 0.0 3400 252 ? S 19:43 0:00 \_ cpuspeed -d -n
root 2875 0.0 0.0 1644 460 ? Ss 19:43 0:00 syslogd -m 0
root 2879 0.0 0.0 2544 340 ? Ss 19:43 0:00 klogd -x
root 2889 0.0 0.0 3252 284 ? Ss 19:43 0:00 irqbalance
rpc 2907 0.0 0.0 2136 336 ? Ss 19:43 0:00 portmap
root 2926 0.0 0.0 2784 440 ? Ss 19:43 0:00 rpc.statd
root 2954 0.0 0.0 5252 160 ? Ss 19:43 0:00 rpc.idmapd
root 3021 0.0 0.0 2472 424 ? S 19:43 0:00 /usr/sbin/smartd
root 3030 0.0 0.0 3048 312 ? Ss 19:43 0:00 /usr/sbin/acpid
root 3039 0.0 0.0 8816 852 ? Ss 19:43 0:00 cupsd
root 3114 0.0 0.0 4932 480 tty8 Ss+ 19:43 0:00 /bin/bash
root 3252 0.0 0.0 5500 948 ? Ss 19:43 0:00 /usr/sbin/sshd
root 4926 0.0 0.1 9852 2456 ? Ss 19:47 0:02 \_ sshd: root@pts/0,pts/1
root 4930 0.0 0.0 4452 1400 pts/0 Ss 19:48 0:00 \_ -bash
root 5029 0.1 0.0 2812 984 pts/0 S+ 19:54 0:13 | \_ top -c
root 4968 0.0 0.0 5276 1408 pts/1 Ss 19:49 0:00 \_ -bash
root 13543 0.0 0.0 3868 820 pts/1 R+ 21:57 0:00 | \_ ps -auxf
root 5656 0.0 0.0 4520 1244 ? Ss 20:18 0:00 \_ /usr/libexec/openssh/sftp-server
root 3265 0.0 0.0 3476 656 ? Ss 19:43 0:00 xinetd -stayalive -pidfile /var/run/xinetd.pid
root 3291 0.0 0.0 5296 580 ? S 19:43 0:00 /usr/lib/courier-imap/couriertcpd -address=0 -stderrlogger=/usr/sbin/courierlogger -stderrloggername=imapd -maxproc
root 3293 0.0 0.0 4884 464 ? S 19:43 0:00 /usr/sbin/courierlogger imapd
root 3303 0.0 0.0 3956 512 ? S 19:43 0:00 /usr/lib/courier-imap/couriertcpd -address=0 -stderrlogger=/usr/sbin/courierlogger -stderrloggername=imapd-ssl -max
root 3305 0.0 0.0 4168 208 ? S 19:43 0:00 /usr/sbin/courierlogger imapd-ssl
root 3313 0.0 0.0 5300 512 ? S 19:43 0:00 /usr/lib/courier-imap/couriertcpd -address=0 -stderrlogger=/usr/sbin/courierlogger -stderrloggername=pop3d -maxproc
root 3315 0.0 0.0 5180 208 ? S 19:43 0:00 /usr/sbin/courierlogger pop3d
root 3324 0.0 0.0 3524 512 ? S 19:43 0:00 /usr/lib/courier-imap/couriertcpd -address=0 -stderrlogger=/usr/sbin/courierlogger -stderrloggername=pop3d-ssl -max
root 3326 0.0 0.0 5260 208 ? S 19:43 0:00 /usr/sbin/courierlogger pop3d-ssl
root 3336 0.0 0.0 2604 220 ? Ss 19:43 0:00 gpm -m /dev/input/mice -t exps2
named 3365 0.0 0.0 47804 1552 ? Ssl 19:43 0:00 /usr/sbin/named -u named -c /etc/named.conf -u named -t /var/named/run-root
root 3431 0.0 0.0 5492 476 ? S 19:43 0:00 /bin/sh /usr/bin/mysqld_safe --defaults-file=/etc/my.cnf --pid-file=/var/run/mysqld/mysqld.pid
mysql 3461 2.3 1.7 180312 36012 ? Sl 19:43 3:06 \_ /usr/libexec/mysqld --defaults-file=/etc/my.cnf --basedir=/usr --datadir=/var/lib/mysql --user=mysql --pid-file
qmails 3485 0.0 0.0 2816 408 ? S 19:43 0:00 qmail-send
qmaill 3487 0.0 0.0 3364 392 ? S 19:43 0:00 \_ splogger qmail
root 3488 0.0 0.0 3432 192 ? S 19:43 0:00 \_ qmail-lspawn ./Maildir/
qmailr 3489 0.0 0.0 2340 320 ? S 19:43 0:00 \_ qmail-rspawn
qmailq 3490 0.0 0.0 2960 264 ? S 19:43 0:00 \_ qmail-clean
postgres 3533 0.0 0.0 19968 964 ? S 19:44 0:00 /usr/bin/postmaster -p 5432 -D /var/lib/pgsql/data
popuser 3549 0.0 0.0 28160 1112 ? Ss 19:44 0:00 /usr/bin/spamd --username=popuser --daemonize --nouser-config --helper-home-dir=/var/qmail --max-children 5 --creat
popuser 3550 0.0 0.0 28160 360 ? S 19:44 0:00 \_ spamd child
popuser 3551 0.0 0.0 28160 360 ? S 19:44 0:00 \_ spamd child
popuser 3552 0.0 0.0 28160 360 ? S 19:44 0:00 \_ spamd child
popuser 3553 0.0 0.0 28160 360 ? S 19:44 0:00 \_ spamd child
popuser 3554 0.0 0.0 28160 360 ? S 19:44 0:00 \_ spamd child
root 3638 0.0 0.0 36808 836 ? Ss 19:44 0:00 /usr/local/psa/admin/bin/httpsd
psaadm 3643 0.0 1.3 48492 27292 ? S 19:44 0:01 \_ /usr/local/psa/admin/bin/httpsd
psaadm 4927 0.0 0.6 42516 13556 ? S 19:48 0:00 \_ /usr/local/psa/admin/bin/httpsd
root 3899 0.0 0.0 5292 512 ? Ss 19:44 0:00 crond
root 3917 0.0 0.0 2800 328 ? Ss 19:44 0:00 /usr/sbin/atd
dbus 3931 0.0 0.0 3272 312 ? Ss 19:44 0:00 dbus-daemon-1 --system
root 3953 0.0 0.0 8380 1368 ? Ss 19:44 0:00 hald
root 4022 0.0 0.0 2284 292 tty1 Ss+ 19:44 0:00 /sbin/mingetty tty1
root 4023 0.0 0.0 3188 292 tty2 Ss+ 19:44 0:00 /sbin/mingetty tty2
root 4024 0.0 0.0 1724 292 tty3 Ss+ 19:44 0:00 /sbin/mingetty tty3
root 4025 0.0 0.0 3012 292 tty4 Ss+ 19:44 0:00 /sbin/mingetty tty4
root 4026 0.0 0.0 1924 292 tty5 Ss+ 19:44 0:00 /sbin/mingetty tty5
root 4027 0.0 0.0 3276 292 tty6 Ss+ 19:44 0:00 /sbin/mingetty tty6
root 5067 0.0 0.6 30840 13108 ? Ss 20:10 0:00 httpd -k start
apache 5068 0.0 0.2 21704 4800 ? S 20:10 0:00 \_ httpd -k start
apache 9257 1.9 1.2 46684 25732 ? S 21:06 1:01 \_ httpd -k start
apache 9675 1.9 1.2 46492 25892 ? S 21:11 0:54 \_ httpd -k start
apache 10137 1.5 1.2 46532 25944 ? S 21:16 0:38 \_ httpd -k start
apache 10556 2.0 1.2 46332 25732 ? S 21:21 0:44 \_ httpd -k start
apache 10627 1.5 1.2 46932 25980 ? S 21:21 0:33 \_ httpd -k start
apache 10633 1.8 1.2 46640 26052 ? S 21:21 0:39 \_ httpd -k start
apache 10727 2.0 1.2 46312 25360 ? S 21:22 0:43 \_ httpd -k start
apache 10734 2.1 1.2 47100 26144 ? S 21:22 0:44 \_ httpd -k start
apache 11350 1.9 1.2 46048 25444 ? S 21:29 0:32 \_ httpd -k start
apache 11352 1.7 1.1 45764 24804 ? S 21:29 0:28 \_ httpd -k start
apache 11625 1.8 1.2 46344 25380 ? S 21:32 0:27 \_ httpd -k start
apache 12100 1.2 1.1 45220 24244 ? S 21:37 0:15 \_ httpd -k start
apache 12273 1.5 1.2 46028 25428 ? S 21:39 0:16 \_ httpd -k start
apache 12511 1.6 1.2 46444 25468 ? S 21:42 0:15 \_ httpd -k start
apache 12816 2.1 1.1 45372 24680 ? S 21:46 0:13 \_ httpd -k start
apache 12896 1.7 1.1 44264 23292 ? S 21:48 0:09 \_ httpd -k start
apache 13096 1.6 1.2 46684 25704 ? S 21:51 0:06 \_ httpd -k start
apache 13102 1.7 1.1 44272 23300 ? S 21:51 0:06 \_ httpd -k start
apache 13320 1.2 1.0 42392 21408 ? S 21:54 0:02 \_ httpd -k start
apache 13344 0.9 1.0 41808 20812 ? S 21:54 0:01 \_ httpd -k start
vmstat 5 5(if possible):
Code:
[root@server ~]# vmstat 5 5
procs -----------memory---------- ---swap-- -----io---- --system-- ----cpu----
r b swpd free buff cache si so bi bo in cs us sy id wa
0 0 346036 1017716 19312 331832 48 145 73 189 606 190 16 2 75 7
1 0 346036 1015972 19320 331824 0 0 9 82 1189 494 34 3 63 0
0 0 346036 1008156 19332 332072 0 0 20 134 1364 594 36 3 61 0
1 0 346036 1009820 19340 332064 0 0 0 91 1153 300 12 1 87 0
0 0 346036 1009844 19348 332056 0 0 1 83 1165 216 13 1 87 0
Linux Distro and Version
Linux 2.6.9-42.ELsmp
Log File(s)
Problem:
Tasks: 580 total, 1 running, 579 sleeping, 0 stopped, 0 zombie
I keep getting too many sleeping processes (300-500) - making the load shoot to 20-50 within 30 minutes.
I stop apache, and restart it in 5 minutes, everythings fine.
Cycle repeats.
Where can I stop this? By editing the httpd.conf file?
Which setting would it be under?
View 14 Replies
View Related
Apr 18, 2007
I was wondering why are there so many Httpd processes running?
Code:
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 4808 656 ? Ss Apr17 0:00 init [3]
root 5579 0.0 0.0 3660 580 ? Ss Apr17 0:00 syslogd -m 0
named 5596 0.0 0.0 51260 3064 ? Ssl Apr17 0:00 /usr/sbin/named -u named -n1 -c /etc/named.conf -u named -t /
root 5612 0.0 0.0 23000 1228 ? Ss Apr17 0:00 /usr/sbin/sshd
root 5620 0.0 0.0 8748 908 ? Ss Apr17 0:00 xinetd -stayalive -pidfile /var/run/xinetd.pid
root 5679 0.0 0.0 6432 1192 ? S Apr17 0:00 /bin/sh /usr/bin/mysqld_safe --defaults-file=/etc/my.cnf --pi
mysql 5713 1.2 1.0 152112 43796 ? Sl Apr17 28:39 /usr/libexec/mysqld --defaults-file=/etc/my.cnf --basedir=/us
qmails 5771 0.0 0.0 2612 492 ? S Apr17 0:00 qmail-send
qmaill 5773 0.0 0.0 2560 496 ? S Apr17 0:00 splogger qmail
root 5774 0.0 0.0 2600 400 ? S Apr17 0:00 qmail-lspawn ./Maildir/
qmailr 5776 0.0 0.0 2600 432 ? S Apr17 0:00 qmail-rspawn
qmailq 5777 0.0 0.0 2556 380 ? S Apr17 0:00 qmail-clean
root 5798 0.0 0.0 9740 944 ? Ss Apr17 0:00 crond
root 27839 0.0 0.4 165396 16396 ? Ss 18:09 0:00 /usr/sbin/httpd
apache 27853 0.5 0.4 225028 19380 ? S 18:09 0:18 /usr/sbin/httpd
apache 27855 0.5 0.4 223784 18060 ? S 18:09 0:21 /usr/sbin/httpd
apache 27861 0.5 0.4 224336 18696 ? S 18:10 0:19 /usr/sbin/httpd
apache 27862 0.5 0.4 223276 17408 ? S 18:10 0:19 /usr/sbin/httpd
apache 27876 0.3 0.4 223892 18248 ? S 18:10 0:13 /usr/sbin/httpd
apache 27877 0.5 0.4 223936 18284 ? S 18:10 0:18 /usr/sbin/httpd
apache 27878 0.4 0.4 222672 16728 ? S 18:10 0:15 /usr/sbin/httpd
apache 27879 0.2 0.4 224328 18588 ? S 18:10 0:08 /usr/sbin/httpd
apache 27880 0.5 0.4 224164 18528 ? S 18:10 0:20 /usr/sbin/httpd
apache 27915 0.2 0.4 224072 18380 ? S 18:10 0:10 /usr/sbin/httpd
apache 27916 0.5 0.5 226436 20704 ? S 18:10 0:18 /usr/sbin/httpd
apache 27917 0.5 0.4 223208 17236 ? S 18:10 0:19 /usr/sbin/httpd
apache 31980 0.4 0.4 223152 17156 ? S 18:31 0:09 /usr/sbin/httpd
apache 32121 0.3 0.5 226344 20612 ? S 18:32 0:07 /usr/sbin/httpd
apache 32205 0.6 0.4 224272 18616 ? S 18:33 0:13 /usr/sbin/httpd
apache 1749 0.4 0.4 224520 18896 ? S 18:42 0:07 /usr/sbin/httpd
apache 1752 0.5 0.4 223272 17204 ? S 18:42 0:09 /usr/sbin/httpd
apache 1759 0.6 0.4 223316 17344 ? S 18:42 0:11 /usr/sbin/httpd
apache 1760 0.6 0.4 222940 16960 ? S 18:42 0:10 /usr/sbin/httpd
apache 1789 0.3 0.4 223372 17392 ? S 18:42 0:06 /usr/sbin/httpd
apache 1893 0.4 0.4 223256 17264 ? S 18:43 0:06 /usr/sbin/httpd
root 3469 0.0 0.0 41260 3036 ? Ss 18:47 0:00 sshd: root@pts/0
root 3478 0.0 0.0 6588 1524 pts/0 Ss 18:47 0:00 -bash
apache 5175 0.7 0.4 171244 17208 ? S 18:52 0:07 /usr/sbin/httpd
apache 9237 0.7 0.4 223288 17236 ? S 19:08 0:00 /usr/sbin/httpd
apache 9260 0.2 0.3 170156 15756 ? S 19:08 0:00 /usr/sbin/httpd
apache 9454 0.7 0.3 170576 16128 ? S 19:09 0:00 /usr/sbin/httpd
root 9558 0.0 0.0 5484 836 pts/0 R+ 19:10 0:00 ps -aux
thanks!
And I just upgraded my Vps to 256mb how does the new spec compare to other 256 vps systems:
Code:
Processing UBC version 2.5 for VEID: 44763202
Wed Apr 18 19:17:27 CEST 2007 s15248973.onlinehome-server.com
19:17:27 up 1 day, 14:39, 1 user, load average: 0.49, 0.41, 0.30
-----------------------------------------------
****** vmguarpages and oomguarpages limits are unspecified
****** each VE privvmpages limit should be <= 0.6 * RAM (=1228 MB), probably [much] lower.
563 MB Allocation Limit [privvmpages limit]
****** only high value processes have a chance in this range
****** having this safety range is important to permit critical processes
512 MB Allocation Barrier [privvmpages barrier]
****** allocation requests in this range have a chance
64 MB Allocation Guarantee [vmguarpages barrier]
****** allocation will succeed in this range
256 MB Memory Guarantee [oomguarpages barrier]
416 MB ( 419 MB Max) page memory allocated [privvmpages held]
229 MB ( 231 MB Max) memory + swap used [oomguarpages held]
229 MB ( 231 MB Max) page memory used [physpages held]
33 MB ( 33792 KB) kernel memory limit [kmemsize limit]
****** a safety range here, between limit and barrier, is important
30 MB ( 30720 KB) kernel memory barrier [kmemsize barrier]
16 MB ( 16497 KB) kernel memory used [kmemsize held]
0 MB ( 910 KB) buffer memory used [*buf held]
-----------------------------------------------
Used : Max_Used : Limit for Other Resources
1779 1785 8192 numfile
6 8 413 numflock
14 14 150 numiptent
11 15 720 numothersock
54 55 128 numproc
1 1 32 numpty
0 1 512 numsiginfo
46 47 720 numtcpsock
-----------------------------------------------
Fail Count conditions: 1
privvmpages 106709 107460 131072 144180 870
View 3 Replies
View Related
Dec 8, 2007
On jaguarpc.com, their terms of service state,
"We do not allow programs to run continually in the background. This is to minimize system resources used and operational maintenance needed. We do not allow any chat or topsite programs on our servers other than the ones we pre-install for our clients to use. IRC: We currently DO NOT allow IRC or IRC bots to be operated on our network."
I thought the whole point of using a VPS was so you could run a continuous application (like a chat/game/etc server)? Why are so many VPS services against IRC (the chat server I use is not IRC based, but I just think its wierd so many prohibit IRC)
View 9 Replies
View Related
Oct 15, 2007
I'm having a problem with one user account, every 5-10 minutes a spamd process of this user gets locked using 60-90% cpu and never ends. If I don't kill the process another one does the same and they all get locked causing very high loads
I reinstalled exim but it did nothing
The problem persisted even when this user's account was suspended
View 12 Replies
View Related
Aug 16, 2007
I'm sure this isn't normal, but I have to ask. Is this normal :
...and if not, why on earth will it be doing this? ....
View 1 Replies
View Related
May 25, 2009
We have one centos vps, with whm 11 on it. This VPS continuously have following process running and that is eating too much of memory on the server
1953 root 18 0 1580 416 348 S 0 0.0 0:00.00 courierlogger
1954 root 15 0 1688 544 464 S 0 0.0 0:00.00 couriertcpd
1960 root 25 0 1576 336 280 S 0 0.0 0:00.00 courierlogger
1961 root 25 0 1688 520 440 S 0 0.0 0:00.00 couriertcpd
1969 root 18 0 1584 420 348 S 0 0.0 0:00.00 courierlogger
1972 root 15 0 1684 540 464 S 0 0.0 0:00.00 couriertcpd
1980 root 25 0 1576 336 280 S 0 0.0 0:00.00 courierlogger
1981 root 25 0 1688 516 440 S 0 0.0 0:00.00 couriertcpd
1989 root 25 0 1580 420 348 S 0 0.0 0:00.00 courierlogger
how to disable this processes, because after killing it, it again starts.
View 2 Replies
View Related
May 28, 2009
OS: CentOS 5
Software: Apache 2 / PHP CGI 5.8 / suPHP
Today I took the leap and switched to suPHP, rather than the Apache module. This is just what suited us best for hosting our own websites, keeping them more isolated from eachother bar a certain shared directory.
All is great, apart from I'm now noticing Zombie processes all of the time. These processes do seem to go away though, if I watch top the amount of Zombie processes will go up and down between 0 and 10.
Code:
17471 gnation 15 0 0 0 0 Z 1 0.0 0:00.03 php-cgi <defunct>
17463 gnation 16 0 0 0 0 Z 1 0.0 0:00.02 php-cgi <defunct>
17467 gnation 16 0 0 0 0 Z 1 0.0 0:00.02 php-cgi <defunct>
Are these processes a problem, considering they do leave after a while? I've read up about Zombie processes and it would seem that as long as they are closing at some point, instead of hanging around, then that's fine. Is this supposed to happen in my setup?
View 3 Replies
View Related
Nov 17, 2008
how can i discover hidden processes running? Already running rkhunter, chrootkit.
[root@kenny ~]# ps auxfww
USER PID %CPU %MEM SIZE RSS TTY STAT START TIME COMMAND
Segmentation fault
[root@kenny ~]#
This just appen when i use flag "f = --full". Some running process causing this.
View 9 Replies
View Related
Mar 22, 2008
I recently modified my loadavg script to store in a database the output of a top command if there's ever server loads of over 1. Overnight I've had 12 such times logged to a database.
Upon inspecting things (I was expected there is a recurring problem), the top command reveals that there are always three queries running together which take over 30 seconds each, and take up ~9% of memory each:
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
26119 nobody 25 0 73492 38m 4792 S 0 8.5 0:30.00 httpd
7313 nobody 25 0 76716 42m 4992 S 0 9.5 0:29.99 httpd
14212 nobody 19 0 70688 39m 4844 S 0 8.8 0:30.03 httpd
Is there a command that will tell me exactly what these processes are? Like in WHM's "CPU/Memory/MySQL Usage" whereby it says what account these httpd processes are coming from, and the actual page they are coming from as well?
If I could log these details (i.e. account and page these are coming from) along with the output of the top command, I can hopefully troubleshoot where this problem is coming from.
View 3 Replies
View Related
Apr 13, 2008
My server has been crashing quite alot lately, it does have some high traffic sites on there but it has never really been this bad before. Today i noticed these in cpanel, what are they and is there anyway I can control them?
View 13 Replies
View Related
Apr 23, 2008
i am facing slight problem with one of my VPSes. It had happened earlier also but had got resolved automatically.
Please see this screenshot: [url]
i know that the server load is not that great to cause this much SWAP usage. i think this is because of the processes not getting killed.
UPDATE: here is the screenshot of my other server with the same provider. which is not really overloaded but i think is facing the same problem of processes not getting killed [url]
View 7 Replies
View Related
Feb 5, 2008
so here is a simple question that i just can't seem to figure out.. when i run the command top or ps -auxw.. they show the httpd processes as the command httpd or /usr/sbin/httpd, but how do i know what file that is? is there anyway to find out what file that is actually getting executed or served?
View 2 Replies
View Related
Jul 22, 2008
Is there a way to prevent a certain service from taking up a certain amount of load on the server?
Like, shouldn't there be a way I can tell gzip or exim how much server load they are allowed to take up on my server?
I know it may run them slower, but it will be for the better if I could set each one to only be able to have a max load peak or something.
View 7 Replies
View Related