I am running a ServerMatrix box with 2x80 GB HD, Dual 512k RAM and a 3.2 GHz chip. My box has never had any serious issues until I had PSM harden security and suddenly, my swap level is 100% and I have tons of red flags in WHM.
Running 'top' as root shows 0.00% idle and the box has gone down 4 times in 10 hours. Prior to APF/BFD - this box was stable and had been up 15 days since a manual reboot and 31 days prior to that.
What I am wondering is, is this box good enough to run APF / BFD and all of the hardening Platinum Server Management does for WHM/cPanel boxes? I am thinking because I am running about 10 WordPress sites that consume a lot of PHP and MySQL resources that combined with APF and BFD crons, I may be in over my head or don't have enough RAM to keep the webserver functioning properly.
There are only about 40 websites on this box, all moderate in size and none consume more than 5 GB of traffic per month but all do use PHP for WordPress, Geeklog, Joomla and 2 topsites with about PR 4 rankings.
I am wondering if I should simply upgrade the RAM or head for a new / more robust box with ThePlanet et al.
I really want APF and BFD and in fact, I'd like all of the hardening that PSM installs but not at the cost of consuming resources that cause the box to crash.
Keep in mind that once the hardening is reversed on this box, the box runs smooth with 85% to 98% idle on both CPUs with little effect on resources. I even had PSM disable all security that was running via cron every 5 mins and just left APF in place but even with just APF the box crashed.
I trust PSM, they do great work overall and their response time is excellent by the way. I am thinking this is a hardware issue and not an issue with PSM's hardening in general.
Has anyone else seen a dramatic consumption of resources running APF and BFD?
Quite a few companies enable things during "security hardening" that might be detrimental to the performance of the server. If your secure configuration is more than 10 - 15 % slower than your unsecured one - there is something seriously wrong with the work being done. Either too strict a rule set being used - in that case PSM should be able to find where the issue is and implement something simpler.
APF and BFD definitely do have a security overhead having to examine every packet of data. However, in our experience this has never been all that high - unless you turn on some of the more advanced features.
For the note - we've used APF and BFD combo on servers as low-end as 1GHz without any issues. However, whether you have enough resources on your system after the applications you're running is going to severely skew what you can do.
Last edited by ImZan; 10-16-2006 at 03:15 AM.
Thank you all for your responses. I am going to contact PSM with your suggestions primarily to check the rulesets perhaps being too strict. I am at 1024 by the way but yes more would be nice of course, just will kill me with the downtime but I have been there before with an older box.
Cheyenne, did you do the APF/BFD install yourself or did you have a service do it for you or perhaps your DC?
WireSix - I Googled ip_conntrack and found some great articles about it and will ask PSM to look into it... thanks!