[CentOS] Re: centos and apache DOS question

Tom Diehl tdiehl at rogueind.com
Sat Oct 21 18:31:54 UTC 2006


On Sat, 21 Oct 2006, Robert Becker Cope wrote:

>
> Tom Diehl <tdiehl at rogueind.com> wrote:
>
>> they are pulling the whole web site I see about 255 httpd processes.
>
> I believe that this is the default number of connections that Apache on CentOS
> allows. From the sound of it, your machine has plenty of power, and you could
> increase this number. That may or may not help, because it also sounds like the
> company pulling your content is not doing so in a very polite way and is using
> a client that opens many, many more connections than an average browser would.
> I would talk to them about this, personally.

I agree they are not being polite about it and I have spoken to them. It was
necessary for me to block them at the firewall to get their attention. Once
they could not sync, they contacted their customer who in turn called me. 
Funny how that kind of thing works. :-))

The thing I am concerned about is, what if someone decides to do this because they
want to bring the server down? This seems like a trivial way to execute a DOS.

So my question really is how do I prevent un-polite people from bringing the
server down? httpd appears to be consuming all of the available memory when this
occurs. If I increase the max https processes will that not aggrivate the 
situation? If I need to add more memory I can do that but I am trying to understand
exactly what is going on here.

One of the things that confuses me even more is the fact that the machine does
not swap nor do I get OOM killing processes. Is their something about httpd
processes that makes them behave like this?

Regards,

-- 
Tom Diehl		tdiehl at rogueind.com		Spamtrap address mtd123 at rogueind.com



More information about the CentOS mailing list