Re: Denial of Service due to multiplication of httpd running

On 5/22/2012 12:02 PM, Bill Unruh wrote:
> 
> Eg, here is one entry from the ps auxww  list
> 
> apache   18137  0.0  0.5  26844  5744 ?        S    09:34   0:00 /usr/sbin/httpd -f
> /etc/httpd/conf/httpd.conf -DAPACHE2 -DHAVE_PERL -DHAVE_PHP5 -DHAVE_ACTIONS -DHAVE_ALIAS
> -DHAVE_ASIS -DHAVE_AUTH_BASIC -DHAVE_AUTH_DIGEST -DHAVE_AUTHN_ALIAS -DHAVE_AUTHN_ANON
> -DHAVE_AUTHN_DBM -DHAVE_AUTHN_DEFAULT -DHAVE_AUTHN_FILE -DHAVE_AUTHZ_DBM
> -DHAVE_AUTHZ_DEFAULT -DHAVE_AUTHZ_GROUPFILE -DHAVE_AUTHZ_HOST -DHAVE_AUTHZ_OWNER
> -DHAVE_AUTHZ_USER -DHAVE_AUTOINDEX -DHAVE_BUCKETEER -DHAVE_CASE_FILTER
> -DHAVE_CASE_FILTER_IN -DHAVE_CERN_META -DHAVE_CGI -DHAVE_CGID -DHAVE_CHARSET_LITE
> -DHAVE_DIR -DHAVE_DUMPIO -DHAVE_ECHO -DHAVE_ENV -DHAVE_EXAMPLE -DHAVE_EXPIRES
> -DHAVE_EXT_FILTER -DHAVE_FILTER -DHAVE_HEADERS -DHAVE_IDENT -DHAVE_IMAGEMAP -DHAVE_INCLUDE
> -DHAVE_INFO -DHAVE_LOG_CONFIG -DHAVE_LOG_FORENSIC -DHAVE_LOGIO -DHAVE_MIME
> -DHAVE_MIME_MAGIC -DHAVE_NEGOTIATION -DHAVE_OPTIONAL_FN_EXPORT -DHAVE_OPTIONAL_FN_IMPORT
> -DHAVE_OPTIONAL_HOOK_EXPORT -DHAVE_OPTIONAL_HOOK_IMPORT -DHAVE_REWRITE -DHAVE_SETENVIF
> -DHAVE_SPELING -DHAVE_SSL -DHAVE_STATUS -DHAVE_SUBSTITUTE -DHAVE_SUEXEC -DHAVE_UNIQUE_ID
> -DHAVE_USERTRACK -DHAVE_VERSION -DHAVE_VHOST_ALIAS

Never seen such a crazy startup line, I presume all of your modules have individual
<IfDefine > blocks around each?

> At that time in the access_log I have a whole bunch of entries like
> ::1 - - [22/May/2012:09:34:22 -0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.22
> (Mandriva Linux/PREFORK-0.1mdv2010.2) (internal dummy connection)"

That's your own local loopback from a process running on this same box.

> In the past I have also had connections like 66.249.68.198 - - [22/May/2012:09:35:25
> -0700] "GET
> /aggregator/www.umsl.edu/~keelr/010/www.twitter.com/www.iaea.org/Publications/Documents/Board/2008/www.environment-agency.gov.uk/homeandleisure/floods/node/www.guardian.co.uk/business/2012/feb/21/node/node/22?page=11
> HTTP/1.1" 200 58609 "-" "Mozilla/5.0 (compatible; Googlebot/2.1;
> +http://www.google.com/bot.html)"

No clue.  Maybe playing with open proxies?  The document seems to be 58k if that helps you
at all (maybe a local index page?)

> In the error log around that time I get nothing that looks suspicious
> 
> [Tue May 22 09:31:54 2012] [error] [client 119.63.196.27] File does not exist:
> /usr/local/http/htdocs/robots.txt
> [Tue May 22 09:32:25 2012] [error] [client 86.68.18.171] File does not exist:
> /usr/local/http/htdocs/favicon.ico

Certainly harmless and most common from crawlers and web browsers respectively.  You may
want to add a simple one line robots.txt file, and a simple default icon.


> [Tue May 22 09:36:47 2012] [error] [client 89.144.206.157] File does not exist:
> /usr/local/http/htdocs/thirdman/reichs/blank.gif, referer:
> http://axion.physics.ubc.ca/thirdman/reichs/reichsbruecke.htm

Your own mistake in the html, it seems.

Can you interrupt one of the truly hosed processes using gdb and try 'thread apply all bt'?
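
Added example, not part of the original message or of Apache itself: a small access_log triage that separates the "internal dummy connection" entries discussed above (requests httpd makes to itself to wake idle children) from real client traffic, counts them per minute, and sets aside any entry that carries the dummy user-agent string but does not come from a local address. The sample lines are constructed from the format quoted in the thread; `LOCAL_ADDRS`, `triage` and the documentation-range client IPs are assumptions of this example.

```python
import re
from collections import Counter

# Combined Log Format: client ident user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<ref>[^"]*)" "(?P<agent>[^"]*)"$'
)
DUMMY_MARK = "(internal dummy connection)"
# Assumption: addresses this server uses to reach itself; add the host's own IPs if needed.
LOCAL_ADDRS = {"::1", "127.0.0.1"}

def triage(lines):
    """Return (dummy_per_minute, external_clients, suspicious) for access_log lines."""
    dummy_per_minute, external, suspicious = Counter(), Counter(), []
    for raw in lines:
        line = raw.strip()
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format entry
        is_dummy = DUMMY_MARK in m["agent"]
        if is_dummy and m["client"] in LOCAL_ADDRS:
            # Timestamp looks like 22/May/2012:09:34:22 -0700; keep it up to the minute.
            dummy_per_minute[m["ts"][:17]] += 1
        elif is_dummy:
            suspicious.append(line)  # dummy user-agent string from a non-local address
        else:
            external[m["client"]] += 1
    return dummy_per_minute, external, suspicious

# Constructed sample input (not taken from a real server).
UA = "Apache/2.2.22 (Mandriva Linux/PREFORK-0.1mdv2010.2) (internal dummy connection)"
SAMPLE = [
    f'::1 - - [22/May/2012:09:34:22 -0700] "OPTIONS * HTTP/1.0" 200 - "-" "{UA}"',
    f'::1 - - [22/May/2012:09:34:23 -0700] "OPTIONS * HTTP/1.0" 200 - "-" "{UA}"',
    f'::1 - - [22/May/2012:09:35:01 -0700] "OPTIONS * HTTP/1.0" 200 - "-" "{UA}"',
    '192.0.2.10 - - [22/May/2012:09:35:25 -0700] "GET /index.html HTTP/1.1" 200 58609 '
    '"-" "Mozilla/5.0 (compatible; ExampleBot/1.0)"',
    f'198.51.100.7 - - [22/May/2012:09:35:30 -0700] "OPTIONS * HTTP/1.0" 200 - "-" "{UA}"',
]

if __name__ == "__main__":
    dummy, ext, sus = triage(SAMPLE)
    for minute, count in sorted(dummy.items()):
        print(f"{minute}  internal dummy connections: {count}")
    print("external clients:", dict(ext))
    print("dummy UA from non-local address:", len(sus))
```

Comparing the per-minute dummy counts with the times at which the number of httpd processes grows shows whether the process churn and the loopback requests line up.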
