Announcement
Collapse
No announcement yet.
how to mitigate slow loris attacks when moving account to cloudlinux?
Collapse
This topic has been answered.
X
X
-
The default EP limit is set to 20 which means 20 entry processes are available for single user. The Entry Process is actually a connection apache->PHP which are usually fast. In case of slow loris attack this can help keeping other users secure and working normally.
-
Right now it is not on a CloudLinux server. Yes, they are PHP sites with large MySQL databases.
Leave a comment:
-
Are they PHP sites? Is it happening on CloudLinux server now? What are the limits and were there any faults? Please check the results with this command:
Code:lveinfo --period 24h --by-fault any
- Selected Answer
Leave a comment:
-
how to mitigate slow loris attacks when moving account to cloudlinux?
I have an account that a couple of times a week gets overloaded by what I think is called a slow loris attack. Apachectl status shows all or almost all W's and all the sites stop responding. It takes down the whole server for 5-10 minutes until the traffic clears or until I go in and restart apache. I am preparing to move it to a new server with cloudlinux installed along with all the LVE stuff including the sql governor. My question is what I should do to prepare the new server for moving this account? Are there steps I can take to head this off before the move? The new server is much more powerful than the old but still concerned about these repeated attacks.
I am assuming that CL will prevent the other three accounts on the new server from lagging out even if this other account is hit but what can I do to ensure this is a good move overall? We are already using a paid version of Cloudflare. Also running CSF for a firewall.Tags: None
Leave a comment: