[ic] mod_interchange and Apache MaxClients
John1
list_subscriber at yahoo.co.uk
Tue Nov 15 06:19:29 EST 2005
On Tuesday, November 15, 2005 2:16 AM, rphipps at reliant-solutions.com wrote:
>> From: interchange-users-bounces at icdevgroup.org
>> [mailto:interchange-users- bounces at icdevgroup.org] On Behalf Of John1
>> Sent: Monday, November 14, 2005 3:52 PM
>>
>> I am running Apache with mod_interchange 1.32, with the following
>> httpd.conf
>> entries:
>>
>> StartServers 5
>> MinSpareServers 5
>> MaxSpareServers 10
>> MaxClients 150
>> MaxRequestsPerChild 10000
>>
>> I am finding that even with these settings Apache is hitting its
>> MaxClients limit now and again as evidenced by the following
>> entry in the Apache error log:
>>
>> "server reached MaxClients setting, consider raising the MaxClients
>> setting" The problem is that once Apache bumps up against this limit,
>> the site hangs, permanently!
>>
>> i.e. The Apache processes running stay at 150 indefinitely and so
>> the site becomes permanently inaccessible.
>>
>> I had thought that once MaxClients was reached TCP requests would be
>> queued and so eventually the lockout situation would end once the
>>backlog of requests was cleared.
>>
>> Having come across an old post to the mailing list:
>> http://www.icdevgroup.org/pipermail/interchange-users/2003-
>> March/032292.html
>>
>> ...I am wondering whether the reason that the lockout never clears
>> may be to do with how mod_interchange queues requests for Apache?
>> Does anyone know whether this could be the case, or if not, can anyone
>> else
>> suggest why I am getting *permanent* lockout once the MaxClient limit
>> is bumped up against. i.e. currently I am forced to restart Apache once
>> the
>> MaxClient limit is bumped.
>>
>> I have a second related question:
>>
>> The reason that the MaxClient is being bumped from time to time is
>> often (though not always) due to http floods from scripts looking
>> for files on my server that don't exist (i.e. looking for files with
>> known
>> security holes).
>>
>> Does anyone have any suggestions on how best to stop these sort of
>> floods bringing down my server?
>>
>> Any suggestions on how to solve this issue (and the lockout problem)
>> would be greatly appreciated as I am currently having to restart
>> Apache several times a day. Thanks.
>>
>
> I'm hoping Kevin can elaborate on how mod_interchange interacts with
> Apache and IC and perhaps we can come to a conclusion. Another idea I
> had was that maybe the MaxClients being reached is the result of
> another problem, such as IC is actually no longer processing the
> requests so Apache is never able to clear its backlog. The restart
> of Apache, could be making IC kill off the children processes and
> then spawning new processes in effect allowing IC to "catch up" with
> the requests.
>
Yes, I was wondering about this sort of possibility too. I had previously
thought that it was necessary to restart Apache and Interchange to clear the
problem, but I have now found that as long as I leave the server for a few
seconds between stopping and restarting Apache, there is no need to restart
Interchange. Conversely, if I stop and then quickly restart Apache without
pausing the website is still unresponsive. It seems that the reason for
this is that once Apache has been stopped it takes a few seconds for the old
Interchange daemon processes to die off, after which Apache can be restarted
and everything is fine again. I think it is necessary to wait for all the
Interchange processes to die off before restarting Apache, but I can't be
100% sure of this - I will try to verify whether this is definitely the case
next time I get a lockup.
> When the site goes down, further requests for IC pages show the
> following in the apache error log for the particular site:
>
> [Thu Nov 10 20:15:11 2005] [error] [client x.x.x.x] Malformed header
> return by Interchange:
> [Thu Nov 10 20:15:11 2005] [error] [client x.x.x.x] Premature end of
> script headers: /home/xxxxxx/public_html/favicon.ico
> [Thu Nov 10 20:15:11 2005] [error] [client x.x.x.x] Malformed header
> return by Interchange:
> [Thu Nov 10 20:15:14 2005] [error] [client x.x.x.x] Premature end of
> script headers: /home/xxxxxx/public_html/index.html
> [Thu Nov 10 20:15:14 2005] [error] [client x.x.x.x] Malformed header
> return by Interchange:
> [Thu Nov 10 20:15:16 2005] [error] [client x.x.x.x] Premature end of
> script headers: /home/xxxxxx/public_html/index.html
> [Thu Nov 10 20:15:16 2005] [error] [client x.x.x.x] Malformed header
> return by Interchange:
> [Thu Nov 10 20:15:18 2005] [error] [client x.x.x.x] Premature end of
> script headers: /home/xxxxxx/public_html/scan
> [Thu Nov 10 20:15:18 2005] [error] [client x.x.x.x] Malformed header
> return by Interchange:
> [Thu Nov 10 20:15:20 2005] [error] [client x.x.x.x] Premature end of
> script headers: /home/xxxxxx/public_html/favicon.ico
> [Thu Nov 10 20:15:20 2005] [error] [client x.x.x.x] Malformed header
> return by Interchange:
> [Thu Nov 10 20:15:21 2005] [error] [client x.x.x.x] Premature end of
> script headers: /home/xxxxxx/public_html/robots.txt
> [Thu Nov 10 20:15:21 2005] [error] [client x.x.x.x] Malformed header
> return by Interchange:
> [Thu Nov 10 20:15:24 2005] [error] [client x.x.x.x Premature end of
> script headers: /home/xxxxxx/public_html/index.html
> [Thu Nov 10 20:15:24 2005] [error] [client x.x.x.x] Malformed header
> return by Interchange:
>
Incidentally, I have another very low traffic, non-Interchange website
running on the same server. I have noticed that even if these "script
attacks" are against the other non-Interchange website, they still cause the
permanent lockup of Apache and hence the Interchange site once MaxClients is
hit.
> These messages repeat until IC is restarted.
>
> We've noticed more scripts hitting our site looking for holes and a
> higher amount of search engines crawling the site so higer traffic
> patterns may be related.
>
> John and Jeff, could you guys post the following:
>
> OS version
> Apache version
> Mysql version
> Perl version
> Mod_interchange version
> IC version
> Running in RPC mode?
> Processors?
> Ram?
>
I am running an Interchange 5.3.0 nightly build (that I have found to be
otherwise stable for over a year), mod_interchange 1.32. Interchange is
running in RPC mode. It is running on a Virtuozzo Virtual server platform
so processors and RAM probably not that relevant. Perl Version 5.6.1 and
MySql version 4.1.6.
> Thanks!
> -Ron
>
___________________________________________________________
Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with voicemail http://uk.messenger.yahoo.com
More information about the interchange-users
mailing list