Multiple CL/Centos6 + cPanel Servers crashing
Posted: Wed Jun 20, 2012 12:53 pm
Hello,
We've encountered a problem which seems to stem from using your latest delayed rules in conjunction with CentOs & Cloud Linux 6 + cPanel.
We've had the same problem on severs with Centos6+CloudLinux6, but not on CL/Centos5.
Here is our setup:
- Physical servers with 32GB of memory, no virtualisation.
- Cloud Linux6 64bit or Centos 6 64bit.
- Latest version of cPanel with apache build to latest version via EasyApache
- Using Mod_Sec from easy apache
And here is the problem:
When mod_sec is enabled, after a random period of time (usually less than a day), the server totally crashes due to running out of memory.
Before the server fully dies, a snapshot of top shows one httpd process using up a massive amount of memory.
For example:
One server, this was taken about 30 seconds before it crashed:
And another totally different server: (note that magnet is nothing more than an html website, no php, no database, just html)
If we disable mod_sec totally then the servers don't crash. We also don't seem to have the problem when using the standard cPanel issued rules.
We were hoping to roll out full ASL on some servers soon, but we've been unable to stop these servers from crashing so are worried about making the next move.
Do you have any suggestions on where to start looking?
We've encountered a problem which seems to stem from using your latest delayed rules in conjunction with CentOs & Cloud Linux 6 + cPanel.
We've had the same problem on severs with Centos6+CloudLinux6, but not on CL/Centos5.
Here is our setup:
- Physical servers with 32GB of memory, no virtualisation.
- Cloud Linux6 64bit or Centos 6 64bit.
- Latest version of cPanel with apache build to latest version via EasyApache
- Using Mod_Sec from easy apache
And here is the problem:
When mod_sec is enabled, after a random period of time (usually less than a day), the server totally crashes due to running out of memory.
Before the server fully dies, a snapshot of top shows one httpd process using up a massive amount of memory.
For example:
One server, this was taken about 30 seconds before it crashed:
Code: Select all
267017 nobody 20 0 12.5g 6.7g 2884 R 96.3 21.5 0:10.21 httpd
Code: Select all
387914 magnet 20 0 47.1g 25g 296 S 0.0 81.3 0:53.60 httpd
We were hoping to roll out full ASL on some servers soon, but we've been unable to stop these servers from crashing so are worried about making the next move.
Do you have any suggestions on where to start looking?