Apache Website not loading – DDoS
On a Fresh Cpanel Server, after pointing the domain name to the server, the website won’t load. Some times site loads after a very long wait. Apache was working fine and the server load was normal.
On checking Apache status in WHM, I found all workers are in use
|
1 |
150 requests currently being processed, 0 idle workers |
On another somewhat busy production server, I had “18 requests currently being processed, 132 idle workers”.
|
1 2 3 4 5 6 7 8 9 10 |
Current Time: Saturday, 22-Oct-2022 04:25:16 UTC Restart Time: Wednesday, 28-Sep-2022 05:46:18 UTC Parent Server Config. Generation: 119 Parent Server MPM Generation: 118 Server uptime: 23 days 22 hours 38 minutes 58 seconds Server load: 0.98 1.32 1.56 Total accesses: 8832035 - Total Traffic: 511.0 GB - Total Duration: 12701232339 CPU Usage: u344.48 s101.28 cu71563 cs11674.9 - 4.05% CPU load 4.27 requests/sec - 259.0 kB/second - 60.7 kB/request - 1438.09 ms/request 18 requests currently being processed, 132 idle workers |
On checking apache error log /etc/apache2/logs/error_log, i have error related to MaxRequestWorkers
|
1 2 3 |
AH00288: scoreboard is full, not at MaxRequestWorkers AH00287: server is within MinSpareThreads of MaxRequestWorkers, consider raising the MaxRequestWorkers setting AH00286: server reached MaxRequestWorkers setting, consider raising the MaxRequestWorkers setting |
You can find the errors with the command
|
1 |
grep MaxRequestWorkers /etc/apache2/logs/error_log |
On checking the connection with netstat, there were a lot of incoming connections
|
1 |
netstat -tn 2>/dev/null | grep -E ':80|:443' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr | head |
The server was getting some DDoS attacks causing the server to go down. The issue is fixed by enabling the DDoS protection service provided by the server provider.
Back to DDoS