Security :: Crashing Apache Mass Connection?

Aug 29, 2010

Basically, this is not the first time it happened, but the third I would say. My trouble and concern is with this massive downloading targeting a test file of mine/client file of mine. Since my server couldn't support that many connections child process spawns, my apache server crashed.

I managed to solve it by closing the client's account, preventing the attack from continuous download. Another way I could solve it was by replacing the file they attempted to attack with 0 byte file.

I'm wondering if there is a possible solution to prevent such an issue in future. I'm also not very sure what kind of attack this is. Could it be DDoS? But from what I've asked, some said it wasn't a DDoS; if it was, my whole server would go down, not only Apache.

What I was curious about was how these attackers found out which files were stored on the server. These files were not leaked outside, nor could there be a possibility to access that folder, because it was protected by an .htaccess which denies everyone.


Ubuntu Security :: Assign Read-only Permission On Mass Storage And CD-ROM?

Jan 7, 2010

I have Ubuntu 9.10 installed on my laptop, and I want to give read-only permission on mass storage devices (USB flash & external HD) & CD-ROM.
Please guide me on how this is possible. It should be automatic.

It's necessary for security purpose.


Server :: Apache Crashing VPS - Need To Reduce Memory Usage

Feb 11, 2010

I have a VPS running a web application served using Apache, that on average deals with 20-50 requests per second. It's usually above this point (50 requests per second) that the amount of memory that Apache uses is too high for the VPS and errors start occurring - web pages crash and the VPS falls over for a minute or two before going back to normal levels.

I believe that MaxClients is the best way to reduce the amount of RAM that Apache uses and I am planning to reduce MaxClients from 256 (default value) to around 100. Each Apache process uses ~15MB and the server has 1900MB of ram in total - the server does nothing else other than run Apache and a few crons.

Current settings are:

Code:
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 3
# prefork MPM
# StartServers: number of server processes to start

[Code].....

I tried reducing MaxClients before, which led to massive slowness, so I need some other options as well.

Does my suggestion of reducing MaxClients to ~100 seem sensible? What are my options if the server experiences slowness again - optimise the application? What's the best way to reduce memory usage - move images to another web server?


Fedora Security :: Firestarter Firewall Manager Keeps Crashing After About 5 Minutes. Restarts, Runs For A While, Then Crashes?

Apr 12, 2009

Have homebrewed machine, was running Fedora 8. Installed Fedora 10. Firestarter firewall manager keeps crashing after about 5 minutes. Restarts, runs for a while, then crashes. Thought it might be an IPTABLES turf war with the native Fedora 10 gui firewall manager, so disabled that at System > Admin > Firewall. Also disabled SElinux. Still have problems. Firestarter firewall seems to work OK, just the gui Firestarter monitor/manager. If anyone has ideas as to cause, I'll take a clue. I could use Firestarter to generate the IPTABLES by .. manually editing the /etc/firestarter/inbound|outbound/allow-.. files and then .. /etc/init.d/firestarter restart. But I find the events log useful to look at. Anyone know where the events log file is kept in the file system?


Security :: Define An Appliance Based On Suse For An Application Server And Web Server Apache - Best Network And Security?

Feb 6, 2010

We are trying to define an appliance based on Suse for an application server and Web server Apache, so we would like to know configuration best practices for network and security, is there any paper/doc about best practices?


Server :: LAN Connection Between Mysql And Apache?

Jul 29, 2010

Running Slackware 13.1 with mysql on box2 and apache on box1, both in the same LAN. How do I configure mysql for the apache connection? I have looked at many mysql config howtos which I can follow, but I'm confused about whether the connection type is considered a remote connection because the 2 services are on separate boxes but are in the same LAN? Apache will be serving public webpages, not just to the LAN.


Security :: Apache SSO Using Mod_auth_remote?

Aug 18, 2010

Has anyone used the mod_auth_remote module to delegate authentication? I have two apache2 servers. One is a content server and the other one is the sso/auth server. When the content server receives a request for a resource protected by basic authentication, the request is forwarded to the sso server for authentication. So far so good. But, the sso server should return a http 200 to the content server and granting access to the user. However, the sso server always returns a http 301 to the content server. So I appear to be stuck in an authentication loop.

Content server config:
<Directory /var/www/html/secure/>
AuthType Basic
AuthName "Content server"
AuthRemoteServer sso.intra
AuthRemotePort 80
AuthRemoteURL /auth

[Code]...

Or perhaps you have a better way of accomplishing apache sso across multiple servers?


Security :: URL (Not URI) In Apache Access Log?

Mar 6, 2010

I happened to be looking at my Apache-2.2.8 log on an Ubuntu LTS 8.04.4 system, and noticed a few lines like this:
Code:
61.160.212.242 - - [06/Mar/2010:07:04:41 -0800] "GET http://218.30.115.246/ HTTP/1.1" 200 295 "-" "-"
61.160.212.242 - - [06/Mar/2010:07:05:29 -0800] "GET http://218.30.115.246/ HTTP/1.1" 200 295 "-" "-"
xxx.xxx.xxx.xxx - - [06/Mar/2010:07:56:15 -0800] "GET http://218.30.115.246/ HTTP/1.1" 400 290 "-" "-"

(The third line is me telnetting to the server and trying to issue the same request. Note that I got a 400 error response, while the guy coming from 61.160.212.242 got 200s. Also, if you just open the http://218.30.114.246/ URL, you get back "hello" (nothing else, just 5 characters). I'm presently putting together a bootable CD with chkrootkit to run on the machine. (I found a thread that mentioned in passing that this was related to PHP, which I have running on that Apache server, but my Google-fu isn't strong enough to track down the original thread.) (After checking with chkrootkit: nothing unusual found.)


Fedora Servers :: Apache: Connection Times Out Even On LAN?

Dec 19, 2009

I'm using Fedora 12 with Apache 2.2.14, and I was having this error on 2.2.13 as well.

Even when I connect to my server over LAN, Firefox times out occasionally while connecting. I can't figure out what is causing this. The error_log isn't showing anything. I even cleaned the error_log file, so that if something happened, it'd be a little easier to spot. But I'm still getting time outs, and nothing in the error_log.

Here is my httpd.conf [URL]

It's the default Fedora configuration; I've only changed the ServerName, if I remember correctly. It's not the Timeout setting, because on LAN it should never time out.


Ubuntu Security :: Set Apache In Run Level 2?

Apr 6, 2010

How can I make Apache run in runlevel 2?


Ubuntu Security :: UFW Blocked IP In Apache Log?

Jun 7, 2011

I've setup the Uncomplicated Firewall (UFW) on Ubuntu 10.04 LTS and blocked an IP address. UFW status shows that the firewall is active and the IP in question is denied. The issue is that I'm seeing the blocked IP address in my Apache logs.


Security :: Files Executed Via Apache?

Sep 2, 2010

The actual file didn't exist. I am confident it came through a site but I am more curious what settings in apache affect the ability to do this?


Ubuntu :: Apache Process (Internal Dummy Connection)

Aug 13, 2011

I have had this problem for a month now. Some apache process that appears rather slowly, using 100% cpu for each core. Today I watched some logs in apache2, namely other_vhosts_access.log, and discovered this:
server:8181 127.0.0.1 - - [13/Aug/2011:12:34:52 +0200] "OPTIONS * HTTP/1.0" 200 136 "-" "Apache (internal dummy connection)"
On 8181 I have Google Sitemap Generator running, but I have had it for over a year and it never made any problems.


Fedora Security :: Apache: How To Autoindex With Mod_security

May 13, 2009

Once the mod_security module gets loaded into Apache, autoindexing stops working. In a folder without index.html the server says: 403 Forbidden You don't have permission to access /TheFolder/ on this server. I was trying to find something to comment out in the /etc/httpd/modsecurity.d and in the modsecurity.conf files, but couldn't find anything relevant. How can I have mod_security on with autoindexing on as well?


Ubuntu Security :: FTP User And Group To Apache?

Jun 13, 2010

What would be the effect of setting ProFTPd's user and group to the same user and group that Apache use? Are there any security risks in doing this, or is this safe to do?


Ubuntu Security :: Relation Between Apache & Squid?

Oct 3, 2010

Lately I just installed Ubuntu 10.10 and got my Squid installed. It works much better than Polipo for caching, but I do not understand why I got Apache installed after I installed Squid. Is there any correlation between Apache and Squid? Is it going to make me run my own web server?


Ubuntu Security :: File Permissions With Apache

Jul 6, 2011

I know how to assign file permissions and other tasks like user to group, but I'm stuck with a situation in how I should set up my system. So I have a LAMP server set up. I'm not the only developer so I created a group called "developers" for my other users "Mike," "Alex," and "Cindy," which are developers (I'm Mike by the way). I know that "www-data" is the user and group Apache uses. This is good because only I have permission to update the production site, but for the dev site, it's a different story.


Security :: Apache In DMZ And Oracle In Local LAN - How To Communicate

May 21, 2010

I will be setting up an Apache web server in the DMZ and an Oracle web server (Windows) in the LAN. The requirement is to allow logged in visitors to view / change their details via the web site. What is the best way to configure this? Is simply allowing the web server's IP to communicate with the Oracle server's IP (and the Oracle port) secure enough, or is there a way to do this more securely?


Security :: Prevent Ddos Apache Attacks?

Jan 25, 2011

Recently my Apache server crashes very often; by watching the error log, I've noticed several signs of intrusion. So, I think the problem can be a denial of service attack against my machine. My distribution is Debian Lenny.


Ubuntu Servers :: Apache Redirect For Connection Coming Via External IP?

May 14, 2010

On my server I have an application running. I have the external IP address of the server registered in DNS so users requiring access from outside the office can enter a full URL rather than an IP address.

How do I change my Apache config so that all traffic that comes into the server from the URL is put over https?


Fedora Security :: SElinux Apache Upload Denied

Jun 22, 2010

I want to be able to create directories and upload files (images mostly) via a php web page. The directory structure is a throwback to windows and I really really don't want to have to change it because there are so many files/links already there.

/cust/cust_name/site/version/web (all html/php files go here)

I want to be able to edit the files with a 3rd party tool (SSH based). These are small orgs, like my church, local community club, sports team, etc., so file ownership needs to sync with the editor, not apache.

[Code].....


Ubuntu Security :: Alerts When Apache LOGS Contain Certain Data

Jul 10, 2010

Does anyone know of any software that can monitor the Apache logs for certain phrases or keywords then send an alert when found? For example I know an attempt to hack has been made when I see log entries like this....

/admin/
/admin/phpadmin/
/phpadmin/

But by the time I see it, the attempt has long since failed or succeeded. What I need is a way for my server to alert me WHILE someone is entering these phrases. I realize there may be a "hit" to performance but my server is not that busy anyway (except for hackers).


Ubuntu :: Security Risk To Run Apache Web Server On Laptop?

Sep 29, 2010

I am running Ubuntu 10.04 on my laptop. I have an Apache web server running that I can access at 192.168.1.102 ("It works! This is the default web page for this server. ...").

Are there any security risks in leaving this running? Is the web server available to anyone outside my network?


Ubuntu Security :: Need Daemon Running Apache Server?

Apr 5, 2011

I'm trying to modify an existing user so that any files they create can be at least read (although writing and execution would be nice) by any other user. The reason is because I need the daemon running my Apache server to be able to access files created by a daemon running under this user, files which will be created and accessed in real-time.


Ubuntu Security :: Common Apache 2.2 Exploits - How To Stop

Apr 29, 2011

Does anyone know any common Apache 2.2 exploits and how to stop them? I am setting up a web server and want it to be as secure as possible. I currently have a basic LAMP server on an Ubuntu server.


Ubuntu Security :: Running Shell Commands From Apache

Jun 3, 2011

Ok, so I have a few web apps that need to run shell commands. Here's a great example of one:

Code:

This is a PHP script getting my system volume. Herein lies the problem... www-data doesn't have permission to do this!

I changed my apache config to use MY account as the web user, and it does in fact work the way I want it to.

Obviously, I don't want to leave apache running as me, and want it to keep using www-data.... Here's my question... how can I give permission for www-data to execute certain programs?


Security :: Allow Apache To Send SIGHUP To Root Process?

Feb 18, 2010

I have been tasked with sending a kill -s SIGHUP (a reload) to a Daemon process owned by root running on a centOS 5.4 machine.

Obviously, Apache cannot normally do this, so I'm going to have to use the sudoers file.

My problem is, how do I allow the Apache user to only run the kill command? Nothing else.

In testing, I've gotten Apache to basically run every command prefixed with sudo and no password prompting. But I want the added security to only run the kill command without the password being prompted. Everything else should prompt for a password.

I'm trying to understand the sudoers file, and I must say, it's non-trivial.

Is there a simple 1 line I can put in the sudoers file like

PHP Code:

apache   ALL=(ALL)   NOPASSWD: /bin/kill 


Security :: Granting Apache Sudo Rights Secure?

Sep 27, 2010

I have set up a VPS server, created two accounts for two domains respectively, and in one account I built a tool to manage other accounts. I have been rigorously researching and found information, however not implemented yet, about granting apache sudo rights through an interface on one account, so that it can execute scripts as root to manage installations in other accounts. What I mean is that my tool will use 'rsync' to duplicate installations from any account into any account.

My question for security, is it secure to grant apache sudo rights? I have not resolved successfully granting it permissions, and I would not want to waste my time investigating more on it if it can compromise the system in any way.

In your experience, is it feasible to build such a tool like I described? I have the tool working to copy within account and to addon domains and it works great, but I want it to manage all accounts on the server.


Software :: Apache + Perl Large File Upload - Connection Reset

Nov 11, 2010

I'm having some trouble uploading large log files to our server using perl. We are required to upload files larger than 2GB (regardless of how infeasible that sounds). I have tried the same thing on two different servers:

Code:

1. Linux 2.6.32-24-generic #39-Ubuntu 10.04 i686 GNU/Linux Server version: Apache/2.2.14 (Ubuntu)
2. Linux 2.6.5-7.244-smp #1 SLES_9 x86_64 x86_64 x86_64 GNU/Linux Server version: Apache/2.0.49

Smaller files upload without issue, however when a file larger than 1048576000 bytes is sent to be uploaded, the browser immediately fails, yielding this:

Code:
This web page is not available. The web page at blah might be temporarily down or it may have moved permanently to a new web address. Below is the original error message: Error 101 net::ERR_CONNECTION_RESET): Unknown error.

The apache log gives some indication of the file size limit:

Code:
Requested content-length of 5954683941 is larger than the configured limit of 1048576000

However, I have looked through the apache config files and can't seem to find where this setting for content-length is. Is there an absolute maximum setting for file uploads in apache? Is it also possible that this is actually caused by a Perl error?


Ubuntu Security :: Ways To Secure Server Setup With Apache?

Jun 19, 2010

I've set up a server for the first time today and I'm reading up on how to secure it. But I was wondering if anyone here would give me some tips from personal experience on what to do before going online with my website for the whole world to see. I'm running Ubuntu Server edition and Apache. Am I good to go with default settings or is there anything recommended that I should first do?








Copyrights 2005-15 www.BigResource.com, All rights reserved