[Systems] {wiki, activities}.sugarlabs.org dead, no response to HTTP GET
Sebastian Silva
sebastian at fuentelibre.org
Thu Feb 25 02:52:14 EST 2016
Hi,
This morning we're past 150 active connections.
103-1 8274 0/10/10 _ 0.82 29 2016 0.0 0.07 0.07
2001:4830:134:7::11 wiki.sugarlabs.org:80 POST
/index.php?title=Special%3ARunJobs&tasks=jobs&maxjobs=1&si
>From the log that bernie left in /root/apache-status, I see a bunch of
connections such as the one above.
I've read a little about RunJobs and it is suggested a change in config
can make this process less expensive:
https://www.mediawiki.org/wiki/Manual:Job_queue#Performance_issue
However it looks like its triggering is an attempted Denial Of Service...
Regards,
Sebastian
On 18/02/16 01:43, Bernie Innocenti wrote:
> Seems to work now.
>
> Our webserver often ends up in a state in which all 150 processes are
> sleeping without much going on.
>
> Last time I saw it, there were plenty of connections from some shady SEO
> company (ahrefs.com). It very much looked like a DDoS, so I just
> blackholed their entire subnet with iptables.
>
> Not sure how to stop these in a more generalized way. Maybe we could
> rate-limit connections per-IP using iptables, or find an anti-DDoS
> Apache module.
>
> On 02/17/2016 11:58 PM, James Cameron wrote:
>> wiki.sugarlabs.org and activities.sugarlabs.org are accepting
>> connections but not responding to HTTP GET requests.
>>
>> quozl at sunjammer:~$ wget http://wiki.sugarlabs.org/
>> --2016-02-17 23:57:43-- http://wiki.sugarlabs.org/
>> Resolving wiki.sugarlabs.org (wiki.sugarlabs.org)... 2001:4830:134:7::11, 208.118.235.53
>> Connecting to wiki.sugarlabs.org (wiki.sugarlabs.org)|2001:4830:134:7::11|:80... connected.
>> HTTP request sent, awaiting response... ^C
>> 130!quozl at sunjammer:~$
>>
>
--
I+D SomosAzucar.Org
"icarito" #somosazucar en Freenode IRC
"Nadie libera a nadie, nadie se libera solo. Los seres humanos se liberan en comuniĆ³n" - P. Freire
More information about the Systems
mailing list