Eskimo North

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Web

     Yes, it would but I have a fix in mind, just need to make some changes
to the routing.  I'm going to assign a seperate virtual address for, but a router filter in place to block that port from the
outside world (and we can put in exceptions for customers that have a need,
replication or whatever).

     The web server still isn't totally protected, it's a conflict between CIDR
routing and classful routing (the router doing CIDR and the server being
configured with seperate class C address spaces).

     So I have to change the routing to make everything match and that is best
done later at night because of the potential to break things.

 Eskimo North Linux Friendly Internet Access, Shell Accounts, and Hosting.
   Knowledgable human assistance, not telephone trees or script readers.
 See our web site: (206) 812-0051 or (800) 246-6874.

On Fri, 28 Sep 2007, Eric Jorgensen wrote:

> Date: Fri, 28 Sep 2007 15:06:35 -0700 (PDT)
> From: Eric Jorgensen <>
> To: Nanook <>
> Cc: Badger Clan <>,
> Subject: Re: Web
> On Wed, 26 Sep 2007, Nanook wrote:
> >
> >      Last night we had an incidence on our web server where output traffic all
> > the sudden shot up to about 60mbit/s and stayed there for more than an hour.
> >
> >      I was unable to determine the cause last night however, the server locked
> > up once and I had to reboot it, and then when it came back up there was some
> > strange behavior.
> >
> >      I found someone was SYN flooding the MySQL server port and so changed the
> > settings so that it does not listen for external connections.
> >
> >      However, I am concerned that someone may have some misbehaving PHP or CGI
> > scripts in their website.
> This seems to break CGIs/PHPs running with "" as the host,
> but still works with ones connecting to "localhost".
> Examples (PHPs):
>	(localhost)
>	(
> Worked with 'design' on the phones earlier to get his re-install of
> Wordpress working, swapping it to 'localhost'.  So in case folks call/email
> about broken database scripts, this might be the trick.
> We had the '' one setup initially in case of moving it
> around the servers (like ultra1 vs ultra7, etc.).