----- Original Message ----- > Hi everyone! > > First, images can be found here: > http://www.reddit.com/r/debian/comments/14jr2r/mod_proxy_unleashes_hell_on_my_server/ > > So this is the third time Im enabling mod_proxy on my Debian squeeze > server. > And every time I do this, all hell breaks out and attacks the server. > (see images above) It gets so bad that munin stops > generating stats as well. And according to the last stats from munin > before it went bonkers, I was hit by almost 3500 hits a minute. > So what is going on? I suspect the mod_proxy to some what "phone > home" to a bot network, cause like 2-3 seconds > after I enable the mod_proxy the attack starts. > > What can I do? Fascinating. 19 comments and none of them asks you for your actual setup. Can you please provide the valid parts of your configuration? What's the purpose of enabling mod_proxy? What mode (forward or reverse) is it running it? Are you advertising your use of mod_proxy in ServerTokens? Why will 3.5k hits a minute make your server go down? How is it sized? (Hardware, what other software is running on it, what are your MPM settings?) Are you running munin in that httpd instance? etc… > -Andreas i -- Igor Galić Tel: +43 (0) 664 886 22 883 Mail: i.galic@xxxxxxxxxxxxxx URL: http://brainsware.org/ GPG: 6880 4155 74BD FD7C B515 2EA5 4B1D 9E08 A097 C9AE --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|