I had a strange error this morning, httpd was running fine but nothing was loading. All the other services worked fine but I checked the error log and couldn't find anything. I restarted httpd and it's running fine now.
Quote:
[Sat Feb 10 11:48:01 2007] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sat Feb 10 11:48:01 2007] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Sat Feb 10 13:06:02 2007] [notice] caught SIGTERM, shutting down
[Sat Feb 10 13:06:03 2007] [notice] Apache configured -- resuming normal operations
[Sat Feb 10 13:06:03 2007] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sat Feb 10 13:06:03 2007] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Sat Feb 10 20:42:26 2007] [notice] caught SIGTERM, shutting down
[Sat Feb 10 20:42:28 2007] [notice] Apache configured -- resuming normal operations
[Sat Feb 10 20:42:28 2007] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sat Feb 10 20:42:28 2007] [notice] Accept mutex: sysvsem (Default: sysvsem)
Looks just like normal operations... I checked the access log and nothing looked out of the ordinary either.
Anyway the only suspicious thing I saw was the daily scan by spammers to see if I had anything exploitable.
Quote:
[Sat Feb 10 00:16:32 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/a1b2c3d4e5f6g7h8i9/nonexistentfile.php
[Sat Feb 10 00:16:33 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/adxmlrpc.php
[Sat Feb 10 00:16:33 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/adserver/adxmlrpc.php
[Sat Feb 10 00:16:33 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/phpAdsNew/adxmlrpc.php
[Sat Feb 10 00:16:33 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/phpadsnew/adxmlrpc.php
[Sat Feb 10 00:16:33 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/phpads/adxmlrpc.php
[Sat Feb 10 00:16:33 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/Ads/adxmlrpc.php
[Sat Feb 10 00:16:33 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/ads/adxmlrpc.php
[Sat Feb 10 00:16:33 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/xmlrpc.php
[Sat Feb 10 00:16:34 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/xmlrpc/xmlrpc.php
[Sat Feb 10 00:16:34 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/xmlsrv/xmlrpc.php
[Sat Feb 10 00:16:34 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/blog/xmlrpc.php
[Sat Feb 10 00:16:34 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/drupal/xmlrpc.php
[Sat Feb 10 00:16:34 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/community/xmlrpc.php
[Sat Feb 10 00:16:34 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/blogs/xmlrpc.php
[Sat Feb 10 00:16:34 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/blogs/xmlsrv/xmlrpc.php
[Sat Feb 10 00:16:34 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/blog/xmlsrv/xmlrpc.php
[Sat Feb 10 00:16:34 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/blogtest/xmlsrv/xmlrpc.php
[Sat Feb 10 00:16:35 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/b2/xmlsrv/xmlrpc.php
[Sat Feb 10 00:16:35 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/b2evo/xmlsrv/xmlrpc.php
[Sat Feb 10 00:16:35 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/wordpress/xmlrpc.php
[Sat Feb 10 00:16:35 2007] [error] [client 69.13.76.82] File does not exist: /var/www/html/phpgroupware/xmlrpc.php
I have nothing to be exploited so I'm thinking that wasn't the cause either.
I checked user_beancounters and there are also 0 fail counts.
I have read that running httpd under user nobody is not safe at all so I installed mod_suhosin and suphp but still the httpd is running under user nobody.
Could anyone suggest me how to check if they are installed good and are they working? I don't know why is this happening
so here is a simple question that i just can't seem to figure out.. when i run the command top or ps -auxw.. they show the httpd processes as the command httpd or /usr/sbin/httpd, but how do i know what file that is? is there anyway to find out what file that is actually getting executed or served?
Code: [root@serwer /]# httpd restart /usr/sbin/httpd restart: httpd not running, trying to start /usr/sbin/httpd restart: httpd could not be started
Code: [root@serwer /]# httpd status Looking up localhost Making HTTP connection to localhost Alert!: Unable to connect to remote host. lynx: Can't access startfile [url]
I can access FTP, SSH and httpd is showed as running when i check with 'httpd status'. Memory ram has half of them left(except that swap is 0,0).
I can't access my site via browser
Why tried restarting [root@web2 ~]# service httpd start Starting httpd: (98)Address already in use: make_sock: could not bind to address [::]:80 (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down Unable to open logs [FAILED] [root@web2 ~]#
I have a php cli shell script that I want to be running continuously without ever stopping. However, I noticed that it would stop executing after a while on its own.
Is there a way to keep a script running forever without timing out, or daemonize it?
i have had a problem for some time now, regarding my CRON jobs. I am trying to download a large amount of data from ebay (through their API, totally legal and aboveboard) using php, but my CRONjob times out.
I have tried resetting the timeout variable, but then it exceeds the maximum filesize SO, my question: is there any way to have a script run as a CRON job, and wen it is complete, call another script?
I'm not sure why my brand new dual proc quad core xeon 2.5ghz harpertown gets time out when the server load is under .5
Like it'll be running ultra fast and suddenly, I can't get into ssh, whm, my websites or anything. When I ping it, no reponse. Is it because it restarted itself?
I have recently tweaked my server (AMD 3000+ 1gb Ram 10mbps port) by configuring the httpd.conf, my.cnf and php.ini.
I am pleased to say that the server is now responding well and the load is always below 1.00.
However, sometimes a user will experience a time-out through their browser. Once they refresh the server will then react as it should and carry out the command which is being asked of it.
tweaking apache so that timeouts do not occur....here are the changes I have made...
php.ini
Code: [MySQL] ; Allow or prevent persistent links. mysql.allow_persistent = Off httpd.conf
Code: KeepAlive On MaxKeepAliveRequests 100 KeepAliveTimeout 3 MinSpareServers 16 MaxSpareServers 32 StartServers 20 MaxClients 150 MaxRequestsPerChild 5 and finally here is my.cnf file
I decided to merge 2 old dedicated servers into 1 colocated machine with better specs the old machines have a combined number of about 280 accounts.
I purchased a Broadberry Server and requested a specific setup and OS (CentOS) after some delays they finally got it working and shipped it to the Datacentre
I chose 49pence/RapidSwitch for colocation in the UK
I received a email from 49pence on how they wanted it setup and Broadberry did this as well which was good.
Unfortunately I got the email it had been received and installed from RapidSwtich before I received the email regarding server admin and password info
Broadberry set a very weak password up a bit of an oversight this
As within 12 hours of it being installed it was hacked!
Being a UK bank holiday we were unable to do anything till today
And now we are having to retrieve the server to reinstall everything and start again!
I hope the companys involved will be cooperative so we can get this up and running asap.
My severs at Coreix end later this month.
A lesson to be learned for us and I hope anyone reading
Next time we have a check list to make sure nothing gets overlooked!
Luckly no data on the server and no harm done other than cost and time.
I'm working on a script to help users get routed to the nearest, fastest server for the best ping. I'm in 2 datacenters, one on the east and one one the west coast of the US.
I've looked at some of the geo lookup programs based on IP, but they either seem inaccurate or expensive.. and just downright difficult to use.
I found out that some geo load balancers use the connection speed to figure out the best route. So, I'm trying to think of a way of timing the users connection from multiple server locations.
Has anyone here done that sort of thing before? Any suggestions on how to best do that?
Two completely different methods I've considered:
1. putting 2 images on a web page, and using javascript to time the loading of them. 2. pinging the user IP from each coast and seeing which is fastest. (Is there a lighter way than ping? )
For over a week now I have had the following network issues:
- browser timing out (for me and visitors to my site)
- ftp connection issues
The server load is low so it's not server related.
Traceroute TO the server appears fine.
Traceroute FROM the server to users IP's appears to have issues over the SingTel/Optus network.
My webhost says it's an issue for SingTel/Optus.
SingTel/Optus Engineer say: "Our testings point to a problem either within Cogent's network or on a peering link between Cogent and Singtel in LA.
I'd suggest that the owner of the domain (me!) approach his hosting provider and have them escalate to Cogent. We can't escalate to Cogent as we have no peering with them."
So I've been the meat in the sandwich for over a week with no sign of a fix.
My options appear to be to either move the VPS away from the webhost and host it locally (Australia) or to somehow wait for someone to step up and take responsiblity and get this resolved.
My heart says wait as it's not *my* responsibility but it's costing me financially and professionally.
Anyone else experiencing similiar/same issues from the Asia Pacific region to the US?
i am using seperate server for sql .But my httpd server failed many time when i checked maximum number of httpd connection then my sql server using too many connection what is the reason of this problem . Is my sql server using as a slave in a ddos attack or sql server need http connection?
i have creat my new user and upload his files on it. but when i try this link:
http://ip/~user
i have this error and my friend say that your httpd have problem. but its my new server. how can i solve it ?
404 Not Found
The server can not find the requested page:
ip/~user (port 80)
Please forward this error screen to 69.197.166.71's WebMaster. Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8b mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.8 Server at 69.197.166.71 Port 80
I have 1764 pid started by httpd daemon. I think for some reason the httpd pid is not closing for me. How do i make sure that all of the httpd pid are closing.
I know that there are a lot of posts about this but... i have a problem w my apache... it was working fine until today... i get this e-mail from WHM whenever httpd fails... and its pretty often:
Quote:
httpd failed @ Mon Aug 18 16:23:13 2008. A restart was attempted automagically.
Failure Reason: Timeout while trying to connect to service
I wanna know how to check in the error log the entries of just today. because when i put "cat error_log" i start receiving things from last week and this is happening today...
i've tried /scripts/rebuildhttpdconf and then restarted, but still the same.
I just got apache installed on my box and the process is running. However when I enter my ip address on firefox, nothing loads up and I get a timeout error.
I did a Graceful Server Reboot, but it seems httpd service not running yet,
I got this error after try to restart Apache..
" Restarting Apache Web Server Waiting for httpd to restart..............finished. httpd (/usr/local/cpanel/whostmgr/bin/whostmgr ./reshttpd) running as root with PID 3319 httpd has failed, please contact the sysadmin. "
and my Log:
[root@XXXXX ~]# tail -f /usr/local/apache/logs/error_log Failed to start up concurrent users module! [Sat Jul 25 20:39:51 2009] [notice] suEXEC mechanism enabled (wrapper: /usr/loca l/apache/bin/suexec) [Sat Jul 25 20:39:52 2009] [warn] pid file /usr/local/apache/logs/httpd.pid over written -- Unclean shutdown of previous Apache run? [Sat Jul 25 20:39:52 2009] [crit] (28)No space left on device: Unable to create or access scoreboard (anonymous shared memory failure) shmget() failed: No space left on device ....
I just stop httpd service for server maintainance , and disable its monitoring from whm services, but after some time it again start even i disable httpd monitoring and service.
I moved a domain of mine from one of my CentOS servers on my SoHo LAN, to one of my CentOS cPanel/WHM servers. Since the SoHo machine had been handling this domain's mail for almost 2 years (300+ mb of mail), I decided to continue running it from home.
The Apache daemon was stopped on said SoHo box following DNS propagation to the cPanel machine, but Apache was automatically started again after having to reboot the SoHo server. Before I got a chance to kill Apache, I got some weird entries showin' up in the access_logs.
I ask simply because I don't recall seeing a "CONNECT" entry in my logs before, and I've been at this for awhile. That or I've just not paid any attention. And what's with the SSL port?
I guess I'm just a little confused as to what was trying to be accomplished here...it hasn't returned since.
right ive got a server thats getting battered at the moment by lots of apache processes, ive moved sql off to a seperate box (with private lan so thats fine) but now i need to optimize/replace apache with something less intensive on resources, only problem is im using plesk on this server so i am not sure if i can change the webserver app?
Trying to troubleshoot an exploit where the code redirecting people to exploit sites is not in the website. I think a module is being loaded dynamically, but I am not seeing the entry point in the access logs. I restart httpd and the problem goes away temporarily.
Anyone see anything fishy?
================== HTTPD MODULES ================== [root@xxx ~]# httpd -L <Directory (core.c) Container for directives affecting resources located in the specified directories Allowed in *.conf only outside <Directory>, <Files> or <Location> <Location (core.c) Container for directives affecting resources accessed through the specified URL paths Allowed in *.conf only outside <Directory>, <Files> or <Location> <VirtualHost (core.c) Container to map directives to a particular virtual host, takes one or more host addresses Allowed in *.conf only outside <Directory>, <Files> or <Location> <Files (core.c) Container for directives affecting files matching specified patterns Allowed in *.conf anywhere and in .htaccess when AllowOverride isn't None <Limit (core.c) Container for authentication directives when accessed using specified HTTP methods Allowed in *.conf anywhere and in .htaccess when AllowOverride isn't None <LimitExcept (core.c) Container for authentication directives to be applied when any HTTP method other than those specified is used to access the resource Allowed in *.conf anywhere and in .htaccess when AllowOverride isn't None <IfModule (core.c) Container for directives based on existance of specified modules Allowed in *.conf anywhere and in .htaccess when AllowOverride isn't None <IfDefine (core.c) Container for directives based on existance of command line defines Allowed in *.conf anywhere and in .htaccess when AllowOverride isn't None <DirectoryMatch (core.c) Container for directives affecting resources located in the specified directories Allowed in *.conf only outside <Directory>, <Files> or <Location> <LocationMatch (core.c) Container for directives affecting resources accessed through the specified URL paths Allowed in *.conf only outside <Directory>, <Files> or <Location> <FilesMatch (core.c) Container for directives affecting files matching specified patterns Allowed in *.conf anywhere and in .htaccess when AllowOverride isn't None AuthType (core.c) An HTTP authorization type (e.g., "Basic") Allowed in *.conf only inside <Directory>, <Files> or <Location> and in .htaccess when AllowOverride includes AuthConfig AuthName (core.c) The authentication realm (e.g. "Members Only") Allowed in *.conf only inside <Directory>, <Files> or <Location> and in .htaccess when AllowOverride includes AuthConfig Require (core.c) Selects which authenticated users or groups may access a protected space Allowed in *.conf only inside <Directory>, <Files> or <Location> and in .htaccess when AllowOverride includes AuthConfig Satisfy (core.c) access policy if both allow and require used ('all' or 'any') Allowed in *.conf only inside <Directory>, <Files> or <Location> and in .htaccess when AllowOverride includes AuthConfig AddDefaultCharset (core.c) The name of the default charset to add to any Content-Type without one or 'Off' to disable Allowed in *.conf anywhere and in .htaccess when AllowOverride includes FileInfo AcceptPathInfo (core.c) Set to on or off for PATH_INFO to be accepted by handlers, or default for the per-handler preference Allowed in *.conf anywhere and in .htaccess when AllowOverride includes FileInfo AccessFileName (core.c) Name(s) of per-directory config files (default: .htaccess) Allowed in *.conf only outside <Directory>, <Files> or <Location> DocumentRoot (core.c) Root directory of the document tree Allowed in *.conf only outside <Directory>, <Files> or <Location> ErrorDocument (core.c) Change responses for HTTP errors Allowed in *.conf anywhere and in .htaccess when AllowOverride includes FileInfo AllowOverride (core.c) Controls what groups of directives can be configured by per-directory config files Allowed in *.conf only inside <Directory>, <Files> or <Location> Options (core.c) Set a number of attributes for a given directory Allowed in *.conf anywhere and in .htaccess when AllowOverride includes Options DefaultType (core.c) the default MIME type for untypable files Allowed in *.conf anywhere and in .htaccess when AllowOverride includes FileInfo...
