Any one facing any issue when Running CPanel on the VPS.
I always seem to be getting these errors only for Cpanel VPS only.
kernel: TCP: time wait bucket table overflow
kernel: TCP: too many of orphaned sockets (90 in CT****)
Even Cpanel Install by SSH or VePortal gives the same error.
I have a server with CentOS Enterpise 4.6 using 2.6.9-67ELsmp Kernel
I found that I must update the kernel for security reasons !! so I updated it to 2.6.25.3 ( leatest stable version )
I updated it 2 times but always fail in this server
Just wondering for anyone whos done a kernel compile on an Atom based machine, how long did it take?
View 1 Replies View RelatedI guess I have finally seen the adverse effects of raising the conntrack table max too high.
May 15 09:13:52 cp4 kernel: [6430723.486626] dst cache overflow
May 15 09:13:52 cp4 kernel: [6430723.622616] dst cache overflow
May 15 09:13:56 cp4 kernel: [6430727.562862] dst cache overflow
May 15 09:13:56 cp4 kernel: [6430727.698868] dst cache overflow
May 15 09:13:56 cp4 kernel: [6430727.844221] dst cache overflow
May 15 09:13:56 cp4 kernel: [6430727.991276] dst cache overflow
May 15 09:13:56 cp4 kernel: [6430728.131962] dst cache overflow
I got tons of these during an attack today. I have googled around for a lil while and not have been able to find any useful info on raising this cache level up. Would anyone here know how to do this?
I see no sysctl settings or anything of that nature for it.
Anyone successfully install vePortal yet?
View 5 Replies View RelatedCheck it out:
[url]
I have nothing to do with it. Just passing it along.
What is veportal?
vePortal is a VPS Commanding total system control Web-Based system that utilizes PHP Hyper-Threading resulting in major acceleration over competing products, As long as your server can meet the recommended system requirements our control panel and your users will never wait for a page to load for longer than the average website.
Is there a way to easily install lxadmin/kloxo in veportal?
View 14 Replies View RelatedI'm starting to test out VPS panels and found vePortal 2. I purchased it and installed it. Now I'm checking some security, as we all know about the terrible result of HyperVM as everyone blindly used it because it was "pretty" but it was not secure.
Some serious concerns I'd like to share with vePortal 2.
1) It makes no backups of any of the files it modifies during install, or so I haven't seen any, like httpd.conf.... more of a pain than anything. There is no way to auto uninstall it either..
2) vePortal gives full root access to the Apache user, letting apache run any root commands!
They add this to your /etc/sudoers
apache ALL=(root) NOPASSWD:ALL
[root@nd11108 myadmin]# su -s /bin/sh apache -c "whoami"
apache
[root@nd11108 myadmin]# su -s /bin/sh apache -c "sudo whoami"
root
This is a root exploit waiting to happen. I asked them about this and got the response.
Quote:
It would be a security breach if a) apache was allowed SSHD Access, or b) the server was running scripts that havn't been marked secure, We have a very comprehensive team of beta testers including one of the largest providers around, They and their staff have not been able to break the security or integrity of the panel as of yet.
All panels in one way or another have root control over the system, for example they wouldnt be able to have a SSH Console without it, as only specified commands would work, we do have a list of the commands required by vePortal if you wish to limit it, but the console and the Shell Commander functions would stop working.
Regards,
Gavin H.
Chief Information Officer
That's funny I have been using the panel a few minutes and already found they've ignored the biggest security hole possible..
3) In 5 minutes I've found multiple XSS vulnerabilities in the admin area... Like search customers, I was able to generate JavaScript alerts in multiple fields....
4) It stores the MySQL root password in clear text in a .php file... yeah that's real secure. Why does it even operate under the MySQL root user, its using a single database....
5) I forgot to add, it doesn't recognize ANY OpenVZ Vps's you've created manually. It has no idea they exist and you cannot view them at all.
I'm sure I could dig deeper into the source code and find more but it's not worth it. Judging by what I found without actually trying to spend time on security I completely removed the product.
The panel does look nice but it sure gets a mark of insecure for me, I would advise others seriously look into the security of this new panel if you're considering using it.
My VPS had some high %wa this two days,when i refresh(F5) WHM %wa will go to 18-20% and us sy just 1 or 2
Is it my vps provider have a very bad oversell?
I/O Wait is increasing on my server, please advise what to do: some times it is within 30 % and sometime it is up to 90%
top - 04:40:44 up 5:30, 2 users, load average: 4.57, 2.64, 3.24
Tasks: 171 total, 2 running, 169 sleeping, 0 stopped, 0 zombie
Cpu(s): 18.3% us, 4.3% sy, 0.0% ni, 0.0% id, 77.0% wa, 0.3% hi, 0.0% si
Mem: 1027556k total, 1021944k used, 5612k free, 85460k buffers
Swap: 2040244k total, 2068k used, 2038176k free, 147752k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
16754 apache 15 0 96140 58m 5948 S 8.3 5.8 0:04.95 httpd
19760 psaadm 15 0 36936 3628 1548 S 4.7 0.4 0:00.14 httpsd
5417 apache 15 0 103m 67m 5984 S 2.0 6.7 0:13.00 httpd
2738 mysql 15 0 394m 79m 4660 S 0.7 7.9 1:25.08 mysqld
28294 apache 15 0 104m 68m 6076 S 0.7 6.9 0:25.33 httpd
39 root 16 0 0 0 0 S 0.3 0.0 0:06.16 kswapd0
2857 root 16 0 4788 752 628 S 0.3 0.1 0:03.09 couriertcpd
3022 qmails 15 0 2304 484 372 S 0.3 0.0 0:09.28 qmail-send
32688 apache 15 0 96112 58m 6000 S 0.3 5.8 0:10.76 httpd
5632 popuser 15 0 35588 29m 2344 D 0.3 2.9 0:30.44 spamd
9850 apache 16 0 100m 65m 5996 S 0.3 6.5 0:09.85 httpd
12418 apache 16 0 99796 62m 6296 S 0.3 6.2 0:08.56 httpd
19578 qmaild 15 0 4008 840 692 S 0.3 0.1 0:00.01 qmail-smtpd
1 root 16 0 1652 552 472 S 0.0 0.1 0:00.70 init
2 root 34 19 0 0 0 S 0.0 0.0 0:00.29 ksoftirqd/0
3 root 5 -10 0 0 0 S 0.0 0.0 0:00.00 events/0
4 root 11 -10 0 0 0 S 0.0 0.0 0:00.00 khelper
5 root 15 -10 0 0 0 S 0.0 0.0 0:00.00 kacpid
19 root 5 -10 0 0 0 S 0.0 0.0 0:00.00 kblockd/0
37 root 20 0 0 0 0 S 0.0 0.0 0:00.00 pdflush
38 root 15 0 0 0 0 S 0.0 0.0 0:01.07 pdflush
40 root 11 -10 0 0 0 S 0.0 0.0 0:00.00 aio/0
20 root 15 0 0 0 0 S 0.0 0.0 0:00.00 khubd
186 root 25 0 0 0 0 S 0.0 0.0 0:00.00 kseriod
295 root 15 0 0 0 0 D 0.0 0.0 0:06.68 kjournald
1373 root 6 -10 1904 456 380 S 0.0 0.0 0:00.01 udevd
1606 root 6 -10 0 0 0 S 0.0 0.0 0:00.00 kauditd
1648 root 6 -10 0 0 0 S 0.0 0.0 0:00.00 kmirrord
1672 root 19 0 0 0 0 S 0.0 0.0 0:00.00 kjournald
1673 root 19 0 0 0 0 S 0.0 0.0 0:00.00 kjournald
2360 root 15 0 2160 552 456 S 0.0 0.1 0:07.27 syslogd
2364 root 16 0 2620 384 316 S 0.0 0.0 0:00.00 klogd
2391 rpc 15 0 1952 548 452 S 0.0 0.1 0:00.00 portmap
2410 rpcuser 18 0 2400 724 620 S 0.0 0.1 0:00.00 rpc.statd
2436 root 16 0 4628 340 172 S 0.0 0.0 0:00.00 rpc.idmapd
2507 root 17 0 3060 508 300 S 0.0 0.0 0:00.00 smartd
I have Apache2 installed on my dedicated server. I would like to install a mod / configure my Apache Server in order to limit simultaneous connections / IP.
The thing that I want is that for example if I want a maximum of 2 simultaneous connections / IP, when that IP reaches the LIMIT, I would like to delay its next request, and NOT display him a 503 error like most mods DO.
For the past couple of days, I've noticed that there is alot of apache processes running in the "D" state and that my IO wait is up to %80. I straced one of the processes and the result is its locking on a php session:
$ strace -p 3230
06:57:12 open("/var/lib/php/session/sess_86ecf346c6f7adba93cb1077f6b95d43", O_RDWR|O_CREAT,
0600) = 44
06:57:12 flock(44, LOCK_EX
And this is the output of lsof
[root@xeon ~]# lsof | grep session
mysqld 3212 mysql 178u REG 8,33 275456 26099994 /hd/mysql/sitebuilder3/session.MYI
mysqld 3212 mysql 183u REG 8,33 354592 26099937 /hd/mysql/sitebuilder3/session.MYD
bash 6426 root cwd DIR 8,21 1060864 25133096 /var/lib/php/session
httpd 6698 apache 44uW REG 8,21 115 9814967 /var/lib/php/session/sess_e0f1bb824667860260f9e5bd53da54e9
httpd 6704 apache 44u REG 8,21 138 25135115 /var/lib/php/session/sess_325b2701fcb8fb2d8371d1dd72660e8b
httpd 6718 apache 44u REG 8,21 138 9814423 /var/lib/php/session/sess_a28662f28c3fe91926c7c96267fe324f
httpd 6723 apache 44u REG 8,21 115 9814794 /var/lib/php/session/sess_79249a69f0a929318c3a8d25b1102ff4
httpd 6765 apache 44u REG 8,21 14 9815234 /var/lib/php/session/sess_0983ce89bad9d37eccec89fe83985945
httpd 6773 apache 44u REG 8,21 141 9815254 /var/lib/php/session/sess_298731e4cb90e58f223bc1b1b2da8cef
httpd 6782 apache 44uW REG 8,21 175 9814514 /var/lib/php/session/sess_608cf6bb40ba33a7505f3857e32c3854
httpd 6786 apache 44u REG 8,21 139 9814480 /var/lib/php/session/sess_10913da266608052ffd08e5fa39356c7
httpd 6787 apache 44uW REG 8,21 138 9814292 /var/lib/php/session/sess_3e0fac0590d02b4f111ce4bee9a8bfe1
httpd 6790 apache 44u REG 8,21 14 9815287 /var/lib/php/session/sess_cdfeac2790c55a62744a66caef886857
httpd 6794 apache 44u REG 8,21 138 9814423 /var/lib/php/session/sess_a28662f28c3fe91926c7c96267fe324f
httpd 6798 apache 44uW REG 8,21 93 9814971 /var/lib/php/session/sess_fa0f81edfd26e8653bc94bc9f9af6f6d
httpd 6801 apache 44u REG 8,21 138 9814423 /var/lib/php/session/sess_a28662f28c3fe91926c7c96267fe324f
httpd 6802 apache 44uW REG 8,21 138 9814423 /var/lib/php/session/sess_a28662f28c3fe91926c7c96267fe324f
httpd 6811 apache 44uW REG 8,21 115 9814802 /var/lib/php/session/sess_396f6670549934766bd8268f0b5628fc
httpd 6822 apache 44u REG 8,21 153 9815061 /var/lib/php/session/sess_0d1fcc65d1964fc3d354e4b94f3638eb
httpd 6833 apache 44uW REG 8,21 153 9815173 /var/lib/php/session/sess_05ed9e41766579f10cfdaa2f7e737a1a
httpd 6846 apache 44u REG 8,21 236 9815142 /var/lib/php/session/sess_23b5cad8471778391bf9748d0f4f1230
I've ordered server from LeaseWeb two weeks ago and still wait for the server setup. Its looks to slow for me - we are used to wait only a few hours for servers setup in datacanters in the US.
I'm afraid that such slow response will be also in response and level of the support. Do you think I should cancel this service and look for other provider in Europe? If yes please suggest such provider.
I've paid in advance by paypal for 3 month(~ 500 EURO). Do you think I will be able to cancel that payment?
I'm with one of the big shared hosts. Support is patchy at best, which isn't a problem until you require help at which point it's agonising as you have to wait an age to get an unsatisfactory response.
At the moment the server I'm on is suffering from consistent outages (it's been up and down over the last few days). Support has been hard to get hold of at times (right now my site is completely unacceptable for me and there's no-one tending the live support chat - which is the only chance of getting a prompt response).
My question is should I be actively looking to improve my situation (it's amazingly frustrating to spend the best part of a day doing small updates, which because of instability, take hours instead of minutes) or should I just wait until it blows over (to be fair server issues tend to be fairly infrequent, but they do flair up every so often). I can't really afford to pay that much more than I am (say $20-$50 a month max) so am I stuck with shared hosting or is there anyway to pay a little more (my current package costs around $10 a month) to get better support and stability?
After a initial look around would something like MediaTemples GS or the low end MediaTemples dedicated virtual service be suitable? The pages do have moderate database use (a few forums and galleries) and use around 50GB a month bandwidth (which would climb slowly in future months)?
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE
Parallels Plesk Panel 11.5.30 MU #44 CentOS 6.5 (Final) 64bit
2 of our our servers are suddenly experiencing high Wait I/O Times, and high Load Averages during the backup process. During this period the Plesk grinds to a halt, sometimes crashing out completely (although SSh is still possible. We have been in talks with our server suppliers (assuming this would be node related) however they have done a lot of testing etc. and categorically state the node is fine , with no other users affecting it.
STEPS TO REPRODUCE : We backup the server using the scheduled backup service and Wait I/O immediately goes up.
ACTUAL RESULT: Plesk downtime / Website downtime
EXPECTED RESULT: No downtime, successful back up
Some other info :
All other processes (MYSQL, apache, Nginx etc) are all running between 1 - 10%
Partition "/usr" utilization 4.2% used (1.81 GB of 43.3 GB) (?)
Partition "/var" utilization 50.6% used (61.8 GB of 122 GB) (?)
We are struggling to identify what has changed on the server that would cause this sudden change.
we have one box in hivelocity.net that has been down so many times this month that we were forced to remove links to siteuptime where we were once so proud of having a 99.7% uptime for 3 years in theplanet.
syslog shows that just before crashing, these entries were made:
kernel: kernel BUG at mm/rmap.c:479
kernel: invalid operand:0000 [#1]
dmesg also shows this:
...
Brought up 2 CPUs
zapping low mappings.
checking if image is initramfs... it is
Freeing initrd memory: 482k freed
NET: Registered protocol family 16
PCI: PCI BIOS revision 2.10 entry at 0xf9f20, last bus=1
PCI: Using configuration type 1
mtrr: v2.0 (20020519)
mtrr: your CPUs had inconsistent fixed MTRR settings
mtrr: probably your BIOS does not setup all CPUs.
mtrr: corrected configuration.
...
i've googled these messages and they point to ram problems.
hivelocity.net claims to have done diagnostics on the box and that there were no problems reported.
they said this is a result of a sys configuration problem made by us.
any ideas?
running centos/virtuozzo 2.6.18-028stab062.3
when i configure vmware it asks at one point for kernel header files. where would i find them to match the current kernel?
i asked at parallels forums but help there is very scarce. i checked openVZ repositories and they dont yet have headers for this version.
what are my options? i have one last windows machine left and want to run it in VMware.
Last year I ordered a new server with Centos 4.3 and it had the kernel kernel 2.6.9-34.0.2ELsmp installed. It runned fine and I didn't update any packages since then.
Today I started getting a problem where both mysqld and kswapd0 uses very high amounts of CPU, spiking up to 100% and my memory usage is at 99% all the time. The problem seems exactly the same as the one mentioned in this thread.
In that thread the exact same kernel is said to be insecure and to cause this problem. I also came across a centOS bug that reports this problem with high cpu, mem usage and mysql & kswapd0 consuming all resources.
In the linked thread the person solved the problem by upgrading to kernel 2.6.9-42 using rpms but others recommended a newer kernel or a custom compiled kernel for CentOS.
Apparently when they used yum it said 34.0.2 was the latest kernel.
What should I do to upgrade the kernel, which version should i upgrade to, and where do I get it from? I won't be able to compile a custom kernel and I've only installed basic rpm packages before.
This is a rare issue i have on a RHEL 5.2 + cPanel server.
Server time is:
Tue Nov 11 17:02:51 CST 2008
Squirrelmail time show:
Code:
Last Refresh:
Tue, 5:02 pm
So, that is correct too..
But email arrives with -4 hours time, example:
webmaster@xxx.com 1:03 pm testing email
I already rebooted httpd, exim, and imap server, and the server itself too.. and problem stills.
I got report from webceo that I have some issues. May someone help me fix this?
DNS Lookup: 0.22 sec
Connect time: 0.33 sec
Host ping: 0.10 sec
That mean too slow with the other sites!
I can't get access to a certain site. I always get the page with:
network time out - server at *** takes to long to respons. More people have noticed this and apparently it only happens to people with certain specific providers. And not all the time. Some times they DO get access eventy to they belong to the same ISP. So I guess an ISP isn't blocking access to it otherwise it would be permenantly/The site administrator insists that certain ISP's are blocking his site. He's hosting it on his own server. The domain belongs is registered at namecheap.com.
If an ISP is blocking this site (if that's possible?), that would lead to that 'network timeout' page wouldn't it?
What is the most likely reason for getting a timeout page anyway?
Today i need to run "OPTIMIZE TABLE" from MySQLTuner recommendation.
Now i don't know how to run it ? I try to put in SQL Query via phpmyadmin and:
SQL query:
OPTIMIZE TABLE
MySQL said:
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
Can i expect a 7204VXR NPE-300 router with 256Meg to hold a full BGP table?
Would it be possible to hold to full BGP tables (multihoming) with a NPE-400 with 512Meg?
I have a site running on vps and the attachment table got crashed , I am unable to repair it :
thesymbi_vb.attachment
error : Not enough memory for blob at 605100 (need 6315809)
warning : Number of rows changed from 4 to 3081
status : OK
This is result of repairing from WHM, how to repair it?
i have update my.cnf with the following configuration and now i have a lor of customer that have lost him table, seem that this configuration have delete in random .Myi files, i would put this my.cnf also on others server but i would undestand which setting in this .cnf make problem for the table.
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
skip-locking
skip-innodb
#skip-networking
safe-show-database
query_cache_limit=1M
query_cache_size=96M ## 32MB for every 1GB of RAM
query_cache_type=1
max_user_connections=200
max_connections=500
interactive_timeout=10
wait_timeout=20
connect_timeout=20
thread_cache_size=128
key_buffer=384M ## 128MB for every 1GB of RAM
join_buffer=1M
max_connect_errors=20
max_allowed_packet=16M
table_cache=1024
record_buffer=1M
sort_buffer_size=3M ## 1MB for every 1GB of RAM
read_buffer_size=3M ## 1MB for every 1GB of RAM
read_rnd_buffer_size=3M ## 1MB for every 1GB of RAM
thread_concurrency=2 ## Number of CPUs x 2
myisam_sort_buffer_size=64M
server-id=1
log_slow_queries=/var/log/mysql-slow-queries.log
long_query_time=2
collation-server=latin1_general_ci
[mysql.server]
user=mysql
#basedir=/var/lib
[safe_mysqld]
err-log=/var/log/mysqld.log
pid-file=/var/lib/mysql/mysql.pid
open_files_limit=8192
[mysqldump]
quick
max_allowed_packet=16M
[mysql]
no-auto-rehash
#safe-updates
[isamchk]
key_buffer=64M
sort_buffer=64M
read_buffer=16M
write_buffer=16M
[myisamchk]
key_buffer=64M
sort_buffer=64M
read_buffer=16M
write_buffer=16M
[mysqlhotcopy]
interactive-timeout
I have a dedicated server specs: AMD 3500+ 64 Bit CPU, 1 GB Ram, 160 GB Sata Drive. For 1 month, CPU load average reaches 40-50 value. This happens about 5-6 times in a day. When I stop httpd service for 30 seconds everything goes normal. I think this is not a DoS attack because it comes systematic, I dont believe no one makes this regularly except bots.
Maybe its a system service or a cronjob but it stops when I turn off httpd service?
How can I be sure about what's making this regularly load?
I also did set up a script which mail me when load average of system goes crazy and restart httpd service. But instant restart is not working to stop load increase.
The server is going down from time to time, every 12 days or so the site hosted there is no longer accesible, everything starts with the site slowing don and down and then is not longer reachable, what we do is to request a power cycle, and with this we start all over again till next power cycle, so on so on, of course, here are my server details and more info on this:
- MySQL - 5.1.41-3ubuntu12.10
- Apache - 2.2.14-5ubuntu8.4
- PHP - 5.3.2-1ubuntu4.9
- operating system: Ubuntu Server 10.04 LTS
After some time emailing the support guys to barely check about what's going on, we received an email with a few things:
1.- found a few errors that likely would cause issues with Apache. The first error is:
[Mon Feb 04 05:03:10 2013] [error] mod_fcgid: fcgid process manager died, restarting the server and the next error is:
[Mon Feb 04 14:32:34 2013] [error] server reached MaxClients setting, consider raising the MaxClients setting ...
Both these errors seem to indicate that you have a process that is running out of control on your server. We were unable to determine what script on your site is running caused your connections to be maxed out however it does appear that before these errors were generated there was a WordPress plugin referenced in your access logs...
2.- Additionally during our review we did find that your error log for mercadodedinerousa.com is 45 GB's which is excessively large and can cause problems when Apache is trying to write a such a large file.
3.- The majority of the errors being logged are:
[Wed Feb 06 12:12:31 2013] [error] [client 200.76.90.5] Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden: /var/www/vhosts/mercadodedinerousa.com/httpdocs/index.pl, referer: [URL]
On my new unmanaged VPS i keep getting mass emails sent to me saying -
iptables v1.2.11: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
Im a bit of a n00b when it comes to unmanaged servers, just wondering if anyone knows whats wrong and how to fix.