I found an IP that send a lot of request to my httpd. At least 20 requests/second. I think the guy behind that IP want to auto download some of my files from my server.
I already used .htaccess to block the ip. It works. But becasue there are too many request from this guy, it make the server a bit slow. Is there any method I can totally block this ip from a server level? Am I need to use a firewall?
i am using seperate server for sql .But my httpd server failed many time when i checked maximum number of httpd connection then my sql server using too many connection what is the reason of this problem . Is my sql server using as a slave in a ddos attack or sql server need http connection?
I'm curious. I have read some stuff recently about Amazon, Mosso and other clouds. I know Mosso has switched over to a request based pricing model and I realized that I am not sure exactly what a 'request' is.
I think that a hit, as tallied by AWStats, Webalizer, etc. would be the same thing as a request, but I wasn't 100% sure if that was the case with Mosso. I actually contacted Mosso support (someone I know is considering using them) to ask them for clarification on a request. They stated that a page with two images would be three requests, one for each image and one for the page itself. I asked if it was the same as 'hits' and they said no, it isn't. This didn't sound right to me, because my understanding of 'hits' is the same as how he described 'requests'.
So, I figured I would just ask the experts on WHT.
I couldnt find my past forum post regarding a good service from LA to Australia. Mainly, Im looking for a LA service which will provide me with super times to melbourne australia. I need a company which is small and that can provide me with fast support and great speeds.
After signing up with zone, setup was delayed but support staff added 5 Gigs of storage to compensate. Thank you for that.
After almost 4 weeks of back and forth with support (we have the managed package), we are still not able to get emails delivered to Hotmail's Inbox. Sean & team have tried a few tweaks but email is still not getting through but end up in the junk folder.
At this point, the VPS is of no use to us since we cannot get emails delivered to Hotmail's Inbox (and many members have registered for newsletters using a Hotmail account).
I understand that Zone is to supply a fully managed VPS and they have. Everything works except getting emails through to Hotmail. We have left voicemails and support tickets to Sean (and billing) asking to see if they can make an exception for our special case and do a pro-rated refund for us (there are 5 months left and the first month was all trying to get the Hotmail issue resolved). But voicemails and support tickets have gone unanswered for a few days. Anyone else seeing this delay in reply from the Zone?
when i check apache status, i see one domain send many request to server, for example: domain.com 10.20.30.40 domain.com 10.20.30.40 domain.com 10.20.30.40 domain.com 10.20.30.40 domain.com 10.20.30.40 - - - how can i prevent this problem? this problem tease me and my server, because induce apache to work unremitting. Ram Usage is: 65%!
I have an somewhat unusual requirement. I need a hosted Vista or XP desktop somewhere.
This is not to host a server application. The reason I need it is that I need to give my staff access to an application that only runs on an XP or vista desktop environment, and I dont want the software in question installed on their pc, instead they will log on via remote desktop and use it that way. The application does *not* run on Win Server 2003.
I have looked high and low, but all the Windows VPS services on the market seem to be hosting Win Server 2003 exclusively, which is no use to me. Does anyone out there know if it is possible to get hosted XP or Vista anywhere?
I am aware that there are a couple of providers who will host a vmware vm for you but even they seem to be oriented towards Win Server, which is no use to me.
I am working with XAMPP 5.6.8 (Apache 2.4.4, MySQL 5.5.32 and PHP 5.6.8 ) on a 64 bits Windows 7 Ultimate (Service Pack 1) Operating System.
I am working with an Arduino UNO and a WIFI Shield connected to the Apache server.
I am sure Arduino is connected to the WiFi network and to the server, and it also sends the GET request to the server.
Apparently, everything is OK because I can see the 200 OK message from the server in the Arduino serial monitor, but I find no trace of that request in the server log although all the requests made from the browser (by typewriting the server address in the browser address bar and pressing enter) appear in the server log.
I'm starting a small, local company in Illinois that will create web pages and host them for residents around my community such as lawyers, doctors, etc. I don't believe I should go with shared hosting because that would not be fair to my clients and I would like to give them good, reliable service so their business does well too. Which entry level, or basic dedicated server should I rent for this purpose? Since I'm just starting, I wouldn't want to overspend, but at the same time I do want performance for the few initial clients I receive. As my company grows, I'm sure I'll migrate into a more large scaled server(s). Any quotes or companies anyone can refer or think of? And possible quote for this type of server/situation.
For the last 6 months our site has been under severe brute force, syn flood attack. They keep bombarding a single URL of the server and it is xml file. They are not attacking any other URL.
We have removed the xml page from our site but still they keep on sending requests, this is for the last 6 months non stop.
The IP has been changed just to see and they are sending several thousand requests per second. The requests come from different IPS and different ranges, so you can not even block the IP’s. They seem to be coming from a legitimate IP’s.
Due to this I have had to pay for an extremely expensive server which holds 8 GB of RAM and quad core processor etc, however, even with this the server server still reaches critical level, just because these requests are eating up my resources.
Our technical team has been working on all aspects of apache server security, external modules, firewall, hardware firewall from beginning but still we are not able to stop them.
We have installed following modules.
7) SYS_Cookies enabled
We have worked with the hosting company and their technical team leader, he installed the best CISCO hardware firewall and tried to stop them, but in vain.
We have checked our server to see if anything from our site is causing the request, no extra file uploaded on to the server. For example if some file has been upload or some text has been added to the file (checked if we’ve been hacked). Even though we checked for any hacks, I am still wondering if there is something we do not know about. Can a hack lead to huge amounts of traffic?
We need some help to stop these attacks. We have searched a lot and have found that sites that get attacked like this have only one option is to shut down till it stops. I really hope that will not be the case for us. Please let us know if any one has any ideas to deal with this.
Also could it be our own part of php code which can do this? We are ready to check every php file to make sure it does not have any line of code which can be dangerous?
We worked with hardware firewall company to drop a request on the spot coming for the single URL but it is getting setup.
We have antivirus running on server however if any specific antivirus or antimalware is needed, we can try that.
Following are the details I have got from my linux admin. This will help you to trace the issue in better way. Problem: Apache SYN_RECV
OS - RHEL5 kernels - 2.6.18-92.1.22.el5-x86_64 2.6.18-92.el5-x86_64
OS Type: cat /etc/issue Red Hat Enterprise Linux Server release 5.2 (Tikanga) > cat /proc/version Linux version 2.6.18-92.1.22.el5 (firstname.lastname@example.org) (gcc version 4.1.2 20071124 (Red Hat 4.1.2-42)) #1 SMP Fri Dec 5 09:28:22 EST 2008
# Do not accept source routing net.ipv4.conf.default.accept_source_route = 0
# Controls the System Request debugging functionality of the kernel kernel.sysrq = 0
# Controls whether core dumps will append the PID to the core filename # Useful for debugging multi-threaded applications kernel.core_uses_pid = 1
# Controls the use of TCP syncookies net.ipv4.tcp_syncookies = 1
# Controls the maximum size of a message, in bytes kernel.msgmnb = 65536
# Controls the default maxmimum size of a mesage queue kernel.msgmax = 65536
# Controls the maximum shared segment size, in bytes kernel.shmmax = 68719476736
# Controls the maximum number of shared memory segments, in pages kernel.shmall = 4294967296 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_synack_retries = 2 # Enable IP spoofing protection, turn on Source Address Verification net.ipv4.conf.all.rp_filter = 1 # Enable TCP SYN Cookie Protection net.ipv4.tcp_syncookies = 1
# 65536 seems to be the max it will take net.ipv4.ip_conntrack_max = 1048576 net.ipv4.tcp_rmem = 4096 87380 8388608 net.ipv4.tcp_wmem = 4096 87380 8388608 net.core.rmem_max = 8388608 net.core.wmem_max = 8388608 net.core.netdev_max_backlog = 5000 net.ipv4.tcp_window_scaling = 1