jaymc Posted June 4, 2008 Share Posted June 4, 2008 People killing my machine by requesting webpages over and over, causing apache to hit its max clients of 200 Because thats whats happening I had a proxy enabled (apaches module one) about a year ago until I realised it was open to the public, by then it was listed on those proxy websites, since then I get requests all the time, all of which fail but still count as an apache request, hence I max out on connections It is not 1 particular IP address, and via server-status sometimes it does not even give the IP, it just shows a question mark, which I suppose is spoofed headers What can I do to stop this? I cant change the IP of my server, as they are querying via the domain name The proxy port was :80, so I cant block that either Quote Link to comment https://forums.phpfreaks.com/topic/108691-solved-whats-to-stop/ Share on other sites More sharing options...
trq Posted June 4, 2008 Share Posted June 4, 2008 Attacks of these sorts can be prevented by a good firewall script, are you using iptables? You might also take a look at some of the kernel setting in /etc/sysctl.conf Quote Link to comment https://forums.phpfreaks.com/topic/108691-solved-whats-to-stop/#findComment-557432 Share on other sites More sharing options...
jaymc Posted June 4, 2008 Author Share Posted June 4, 2008 Yes I am using IP tables but I cant block 80 as have webserver running.. and thats where the requests are coming in from sysctl.conf gave this kernel.sysrq=0 net.ipv4.ip_forward=0 net.ipv4.conf.default.accept_source_route=0 net.ipv4.conf.default.rp_filter=1 kernel.panic=3 kernel.core_uses_pid=1 What can I do with that? Quote Link to comment https://forums.phpfreaks.com/topic/108691-solved-whats-to-stop/#findComment-557491 Share on other sites More sharing options...
trq Posted June 4, 2008 Share Posted June 4, 2008 Yes I am using IP tables but I cant block 80 as have webserver running.. You don't need to block it but you can stop request coming from specific ips so frequently there attempting a DOS. I don't have time to describe it here, but search for DOS prevention using iptables or something along those lines. Quote Link to comment https://forums.phpfreaks.com/topic/108691-solved-whats-to-stop/#findComment-557590 Share on other sites More sharing options...
jaymc Posted June 4, 2008 Author Share Posted June 4, 2008 Cheers Quote Link to comment https://forums.phpfreaks.com/topic/108691-solved-whats-to-stop/#findComment-557721 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.