Sometimes, there may be more number of httpd connections to the server. If we increase Maxclients to more than 300, it won’t be able to withstand the high access.
This can be fixed by enabling Raise Hard Server Limit on easy apache.
In WHM , go to Software > Apache Update:
1. Profile: Previously Saved Config [Start customizing based on profile]
2. Apache Version: (your choice) [Next Step]
3. PHP Major Version: (your choices) [Next Step]
4. PHP Minor version: (your choices) [Next Step]
5. Short Options List: (your choices) [Exhaustive Options List]
6. Exhaustive Options list: [CHECK] Raise Hard Server Limit
7. Save and build
The above process can be done via SSH as well (using /scripts/easyapache) and finding similarly “Raise Hard Server Limit” in order to enable it and then recompile Apache.
When you choose “Raise Hard Server Limit” (via cPanel or SSH), cPanel patches /home/cpeasyapache/src/include/httpd.h (using /home/cpeasyapache/src/cppatch/raise_hard_server_limit.patch) in order to increase HARD_SERVER_LIMIT from 256 to 2048.
1===========Cpu process==========
Check processes and find the process that take high cpu usage
=>nice top
=>top -c Shift+m
=>pstree -pua
then kill it IF ANY SUSPICIOUS PROCESS
=>killall -9
=>kill -9
2===========Semaphores checking==========
to show IPC
=>ipcs -s
for i in `ipcs -s | awk ‘{print $2}’`; do ipcrm -s $i; done use this script to remove all semaphores.
lsof -c httpd |grep cwd|grep home| awk ‘{print $9}’|cut -f3 -d\/|sort -n| uniq -c|sort -n
3.==========Exim ===================================
If again high load exim check for spaming
If there are too many exim it may due to spaming
*then enable Spam assasination
*Remove frozen mails from the queue,
*Check for exim connection using netstat
exim -bp |grep frozen |awk ‘{print $3}’ |xargs exim -Mrm
Remove all mails in the server.
Forceful delivery:
exim -qff -v
4. =============http connections=DOS==================
=>pidof httpd
also check whether ir is due to url calling::
watch using
watch “ls -ltr /usr/local/apache/domlogs | tail -20″
netstat -plan | grep :80 | awk ‘{print $5}’ | cut -d: -f 1 | sort | uniq -c | sort -n
netstat -anp |grep ‘tcp\|udp’ | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n
If there are too many http connections from any IP, you can block that IP.
If you want to block an IP use the syntax
=>iptables -I INPUT -s IP -j DROP
or
=>apf -d IP
this edits apf.conf
4.===============Mysql =================
The status of the processes and databases accessed can be found using:
=>mysqladmin processlist status
=>/etc/init.d/mysql restart
5.=========Also check these================
Free memory in server
free -m
No of domains hosted in server
=>cat /etc/userdomains |wc -l
No of processors:
=> cat /proc/cpuinfo |grep processor
=>dmesg |grep error
https://twiki.cern.ch/twiki/bin/view/FIOgroup/DiskPrbSata
=> /scripts/smartcheck
also check access to a particular domain
cd /usr/local/apache/domlogs
ls -alSh |more
tail -f /usr/local/apache/domainname
if it suspend it
No comments:
Post a Comment