
Forum Moderators: bakedjake


Protection against high server load levels? ssh priorities?

     

eaden

2:25 pm on Jan 19, 2003 (gmt 0)




Hi there,
I am wondering what is the best way to prevent a server from being overloaded to such a stage that you can't log in. The only idea I could come up with is a cron job that checks the load level and stops say apache. But in the case of a slashdotting this wouldn't be quick enough!

Brett_Tabke

2:32 pm on Jan 19, 2003 (gmt 0)




DOS and SynFlood attack prevention is best and easiest done at the router level by your webhost.

eaden

2:39 pm on Jan 19, 2003 (gmt 0)




Sorry, I should have been more specific. I mean overloaded by genuine requests, i.e. say if Google or Slashdot or CNN just randomly decided to link to you off their front page (extreme example). And I'm talking about Apache running on Linux.

The aim being the webserver doesn't get so busy that I can't log in using ssh and kill Apache before it brings the whole system down.

Knowles

6:51 pm on Jan 20, 2003 (gmt 0)




I think Brett's approach would fix what you're referring to. The only other solution you could come up with would be your idea of a cron job. If you are extremely concerned this is going to happen, have the cron job check the load every few minutes; this, though, can also increase the load on the computer, but it shouldn't be enough to bring it down. Have it restart Apache to reset the load and you should come out OK and be able to log in and watch it. The likelihood of this happening is probably slim unless you are running a massive site; if this is the case you're gonna be better off having mirrored servers and a router splitting the traffic to those. Or less I don't understand either.

seindal

7:04 pm on Jan 21, 2003 (gmt 0)




Just tell Apache not to start too many concurrent processes:

From the Apache documentation:

The MaxClients directive sets the limit on the number of simultaneous requests that can be supported; not more than this number of child server processes will be created.

René.

cminblues

8:28 am on Jan 26, 2003 (gmt 0)




I think your idea of a cron job is a good one, if you want different conf. of apache running based on server load.

I.ex:


#!/usr/bin/perl
use strict;
use warnings;

my $alertvalue = 400;
# Let's find a 'load' value of the 'waiting' HTTP:80 requests.
my $numwait = `netstat -an | grep -c ':80.*TIME_WAIT'`;
chomp $numwait;
if ($numwait > $alertvalue) {
    # Do something with your httpd.conf
    # [i.ex. change MaxClients & ThreadsPerChild values, if you're on Apache 2],
    # then gracefully restart the server.
    system "kill -USR1 `cat /var/run/httpd.pid`";
}
exit 0;

And, as Brett pointed out, if you're often under SYN-ddos attack, an:

echo 1 > /proc/sys/net/ipv4/tcp_syncookies

may help.

P.S. [this board changes some ASCII chars..
so be careful in typing 'your' pipe (-> '¦' here) char.]

cminblues
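
An added example, not part of any post in this thread: a cron-driven watchdog along the lines discussed above, keyed on the 1-minute load average in /proc/loadavg instead of the TIME_WAIT count. The thresholds, the state-file path and the use of apachectl are assumptions; the two thresholds keep Apache from flapping on and off while load hovers near a single limit.

```shell
#!/bin/sh
# Added example: load watchdog intended to be run from cron once a minute.
# Assumptions (not from the thread): HIGH/LOW values, STATE_FILE path, apachectl.
LOADAVG_FILE="${LOADAVG_FILE:-/proc/loadavg}"
STATE_FILE="${STATE_FILE:-/var/run/load-watchdog.state}"
HIGH="${HIGH:-8.0}"   # stop Apache at or above this 1-minute load
LOW="${LOW:-2.0}"     # start it again only once load has fallen below this
APACHECTL="${APACHECTL:-apachectl}"

# Print the 1-minute load average (first field of the loadavg file).
load1() {
    awk '{ print $1; exit }' "$1"
}

# Print "stop", "start" or "none".
# $1 = current load, $2 = previous state ("running" or "stopped")
decide() {
    awk -v l="$1" -v s="$2" -v hi="$HIGH" -v lo="$LOW" 'BEGIN {
        if (s == "running" && l + 0 >= hi + 0)      print "stop"
        else if (s == "stopped" && l + 0 < lo + 0)  print "start"
        else                                        print "none"
    }'
}

# One watchdog pass: read state, decide, act, record the new state.
watchdog() {
    state=running
    if [ -r "$STATE_FILE" ]; then
        state=$(cat "$STATE_FILE")
    fi
    action=$(decide "$(load1 "$LOADAVG_FILE")" "$state")
    case "$action" in
        stop)  "$APACHECTL" stop  && echo stopped > "$STATE_FILE" ;;
        start) "$APACHECTL" start && echo running > "$STATE_FILE" ;;
    esac
    echo "$action"
}

# Only act when invoked as "load-watchdog.sh run" (e.g. from crontab).
if [ "${1:-}" = "run" ]; then
    watchdog
fi
```

Because cron fires at most once a minute, this only limits how long an overload lasts; the MaxClients cap is what keeps the box responsive in the first place.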

eaden

9:49 am on Jan 26, 2003 (gmt 0)




>> Just tell Apache not to start too many concurrent processes:
>> From the Apache documentation:
>> The MaxClients directive sets the limit on the number of
>> simultaneous requests that can be supported; not more than
>> this number of child server processes will be created.
>>
>> René.

Thanks, this is what I was looking for. It seems to work well.
I had never needed to use it though because I didn't have such a popular site.

Re the Perl script, nice :) I'll give it a go.

 
