Thread: What's happen with this error?
08-16-2009, 12:17 AM #1WHT Addict
- Join Date
- Nov 2005
What's happen with this error?
My server i7 920 12GB Ram Cpanel
CPU load average about 0,7%
Ram Load average about 20%
but service in httpd port very slow.
and have errors
[email protected] [~]# tail -f /var/log/messages
Aug 15 20:50:06 server last message repeated 2 times
Aug 15 20:52:06 server last message repeated 2 times
Aug 15 20:54:07 server last message repeated 2 times
Aug 15 20:56:07 server last message repeated 2 times
Aug 15 20:58:07 server last message repeated 2 times
Aug 15 21:02:34 server kernel: possible SYN flooding on port 80. Sending cookies.
Aug 15 21:04:34 server last message repeated 2 times
Aug 15 21:06:35 server last message repeated 2 times
Aug 15 21:07:36 server kernel: possible SYN flooding on port 80. Sending cookies.
Aug 15 21:09:36 server last message repeated 2 times
Aug 15 21:11:36 server last message repeated 2 times
Someone who know this error? And how to fix?
08-16-2009, 01:43 AM #2Web Hosting Master
- Join Date
- Mar 2009
- Gods Own Country
Someone is trying to flood port 80. You may do the following...
1. Turn "Off" KeepAlive and lower Timeout parameter in apache configuration
2. Use mod_security in apache
08-16-2009, 03:32 AM #3Web Hosting Master
- Join Date
- Jun 2003
- World Wide Web
You can make simple script to block hosts with more than some value of SYN_RECV requests using iptables. (get the IPs from the netstat command) .This may not be the best method , but for the things to get normal soon you can follow this .
There are some options in sysctl that you can play with to get things work . But before that we must identify whether its a real ddos or a normal dos . If its a heavy attack as ddos , its better you contact your DC .
Increase the backlog queue to support more connections in the half-open state.
sysctl -w net.ipv4.tcp_max_syn_backlog="2048"
Also tcp_synack_retries variable can be tweaked . Make your hosting company do these and some apache optimization can surely help .SupportExpertz.com - the name says it all!
Managed Cloud Servers
Server Management and Monitoring
24x7 outsourced customer support
By Reseller Mike in forum Web HostingReplies: 16Last Post: 01-10-2009, 10:29 PM
By Linkdatacenter in forum Programming DiscussionReplies: 2Last Post: 05-25-2008, 04:16 AM
By hardjoko in forum Hosting Security and TechnologyReplies: 6Last Post: 07-19-2007, 05:07 AM
By VNPIXEL in forum Dedicated ServerReplies: 9Last Post: 03-13-2003, 06:23 AM