View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions server not responding - possible ddos?
Log in to Ask a Question

server not responding - possible ddos?

networking

This morning a site of mine hosted on Linode stopped responding. I quickly logged in - could see nothing obviously wrong, and restarted Apache. This did not seem to fix the problem, so I had a look at the connection stats - it seemed there was anywhere between 40 and 100 connections with the status 'ESTABLISHED'.

I'm a little out of my depth here in terms of server admin - is this a sign of possible denial of service? Even though there were many connections, the cpu usage was not negligible - why would the site not respond? Do I need to increase max-clients or something?

Thanks in advance for any help.

4 Replies

Only 40-100?

You say "stopped responding" but then you "logged in." Please define both - what part stopped responding and how did you log in?

sorry for the lack of clarity - I meant it was not responding to browser requests for web pages - they would time out.

I logged in via ssh using Putty.

My current thoughts are that I maybe don't have apache set up to respond to that many concurrent requests - as the CPU/memory graphs seem to show that those resources were not maxed out.

my prefork setup for apache was as follows:

 <ifmodule mpm_prefork_module="">StartServers          2
    MinSpareServers       2
    MaxSpareServers       10
    MaxClients            75
    MaxRequestsPerChild   500
    ServerLimit           15</ifmodule>

Is apache running?

What kind of content are you serving? How many apache processes are actually running ('ps -eaf |grep apache |wc -l')?

Being able to handle 75 clients at a time seems reasonable, unless you are really, really busy, or your clients are all on really slow connections and/or you are serving up big files.

For slow clients or big files, you should look into using nginx as a front end and proxy to apache. There is some info here: http://www.linode.com/forums/viewtopic. … 2010#22010">http://www.linode.com/forums/viewtopic.php?p=22010#22010. Nginx can serve the static files directly, but even if it isn't, it is very memory and CPU efficient, even with thousands of active connections. It can receive results from apache and then return them efficiently, freeing the apache process to move on to the next request.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct