Apache Processes using 100% CPU Time
-
- Starting out
- Posts: 31
- Joined: Wed Apr 21, 2010 6:39 am
Apache Processes using 100% CPU Time
Hi!
I have a strange problem with my web server.
After running without problems for some weeks - some apache tasks use 100% of cpu time.
After restarting apache everything works perfect for again - some weeks.
Please see the pictures attached.
Has anybody a idea?
Thank you
I have a strange problem with my web server.
After running without problems for some weeks - some apache tasks use 100% of cpu time.
After restarting apache everything works perfect for again - some weeks.
Please see the pictures attached.
Has anybody a idea?
Thank you
You do not have the required permissions to view the files attached to this post.
- pwilson
- Guru
- Posts: 22533
- Joined: Fri Mar 06, 2009 11:20 am
- Location: Victoria, BC, Canada (UTC-08:00)
Re: Apache Processes using 100% CPU Time
I'm afraid that your screenshots won't help much. The "Dashboard" itself is probably the big CPU user here. Your NAS is "drive bound". Delete a significant amount of data on your NAS, or upgrade to larger drives and performance will probably return to normal.gusa6666 wrote:Hi!
I have a strange problem with my web server.
After running without problems for some weeks - some apache tasks use 100% of cpu time.
After restarting apache everything works perfect for again - some weeks.
Please see the pictures attached.
Has anybody a idea?
Thank you
Your NAS is "Full". You have less than 5% of your space left.
Patrick M. Wilson
Victoria, BC Canada
QNAP TS-470 Pro w/ 4 * Western Digital WD30EFRX WD Reds (RAID5) - - Single 8.1TB Storage Pool FW: QTS 4.2.0 Build 20151023 - Kali Linux v1.06 (64bit)
Forums: View My Profile - Search My Posts - View My Photo - View My Location - Top Community Posters
QNAP: Turbo NAS User Manual - QNAP Wiki - QNAP Tutorials - QNAP FAQs
Please review: When you're asking a question, please include the following.
- schumaku
- Guru
- Posts: 43578
- Joined: Mon Jan 21, 2008 4:41 pm
- Location: Kloten (Zurich), Switzerland -- Skype: schumaku
- Contact:
Re: Apache Processes using 100% CPU Time
Troubleshoot the (unspecified) Web applications in place. Impossible to assist with some more insight.
-
- Starting out
- Posts: 22
- Joined: Fri Nov 22, 2013 3:52 pm
Re: Apache Processes using 100% CPU Time
It is problem my too.
Disc space 95% free.
QTS 4.0.7
Disc space 95% free.
QTS 4.0.7
- doktornotor
- Ask me anything
- Posts: 7472
- Joined: Tue Apr 24, 2012 5:44 am
Re: Apache Processes using 100% CPU Time
With absolutely NO information provided, you won't get any further than the OP here...jan.lex wrote:It is problem my too.
Disc space 95% free.
QTS 4.0.7
I'm gone from this forum till QNAP stop wasting volunteers' time. Get help from QNAP helpdesk instead.
Warning: offensive signature and materials damaging QNAP reputation follow:
QNAP's FW security issues
QNAP's hardware compatibility list madness
QNAP's new logo competition
Dear QNAP, kindly fire your clueless incompetent forum "admin" And while at it, don't forget the webmaster!
Warning: offensive signature and materials damaging QNAP reputation follow:
QNAP's FW security issues
QNAP's hardware compatibility list madness
QNAP's new logo competition
Dear QNAP, kindly fire your clueless incompetent forum "admin" And while at it, don't forget the webmaster!
-
- Starting out
- Posts: 22
- Joined: Fri Nov 22, 2013 3:52 pm
Re: Apache Processes using 100% CPU Time
Ok.doktornotor wrote:With absolutely NO information provided, you won't get any further than the OP here...jan.lex wrote:It is problem my too.
Disc space 95% free.
QTS 4.0.7
My QNAP:
TS-670 Pro
16Gb RAM (KHX16S9P1K2/16)
2x 4Tb HDD - WD4000FYYZ (RAID1 - encrypted)
1x Intel SSD S3700 200Gb (SSD Cache, Cache algorithm: LRU)
QTS 4.0.7 20140410
9x Virtual Hosts (Wordpress 3.8.x, Prestashop 1.5.x).
Normal status:
CPU (all core thread): 1-16%
Process httpusr: 0-3x
My problem (circa 1-2x week):
CPU (all core thread): 100%
Process httpusr: http://forum.qnap.com/download/file.php ... &mode=view
My temporary solution: /etc/init.d/Qthttpd.sh restart
Any idea?
-
- Starting out
- Posts: 22
- Joined: Fri Nov 22, 2013 3:52 pm
Re: Apache Processes using 100% CPU Time
It is attack on webserver.
My webs are czech language.
99,5% guests are from Czech Republic.
To 30 min my server is down (website not available)!!!
How can I protect my webserver?
61.191.xxx.xxx - China
198.20.xxx.xxx - UNITED STATES
122.155.xxx.xxx - THAILAND
178.63.xxx.xxx - GERMANY
157.55.xxx.xxx - UNITED STATES
37.140.xxx.xxx - RUSSIAN FEDERATION
37.58.xxx.xxx - NETHERLANDS
Apache access log:
Apache error log:
Apache - Active Log on Virtual Host:
My webs are czech language.
99,5% guests are from Czech Republic.
To 30 min my server is down (website not available)!!!
How can I protect my webserver?
61.191.xxx.xxx - China
198.20.xxx.xxx - UNITED STATES
122.155.xxx.xxx - THAILAND
178.63.xxx.xxx - GERMANY
157.55.xxx.xxx - UNITED STATES
37.140.xxx.xxx - RUSSIAN FEDERATION
37.58.xxx.xxx - NETHERLANDS
Apache access log:
Code: Select all
61.191.xxx.xxx - - [17/May/2014:04:38:27 +0200] "GET /muieblackcat HTTP/1.1" 404 229 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:28 +0200] "GET //phpAdmin/scripts/setup.php HTTP/1.1" 404 237 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:28 +0200] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 404 238 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:29 +0200] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 404 238 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:29 +0200] "GET //myadmin/scripts/setup.php HTTP/1.1" 404 237 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:30 +0200] "GET //mysql/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:31 +0200] "GET //mysqladmin/scripts/setup.php HTTP/1.1" 404 239 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:31 +0200] "GET //web/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:32 +0200] "GET //websql/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:32 +0200] "GET //pMA/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:33 +0200] "GET //MyAdmin/scripts/setup.php HTTP/1.1" 404 237 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:34 +0200] "GET //PHPMYADMIN/scripts/setup.php HTTP/1.1" 404 239 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:35 +0200] "GET //PMA/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:36 +0200] "GET //SQL/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:37 +0200] "GET //db/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:37 +0200] "GET //dbadmin/scripts/setup.php HTTP/1.1" 404 237 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:39 +0200] "GET //pHpMyAdMiN/scripts/setup.php HTTP/1.1" 404 239 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:41 +0200] "GET //pma/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:42 +0200] "GET //sql/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:42 +0200] "GET //MySQLAdmin/scripts/setup.php HTTP/1.1" 404 240 "-" "-"
61.191.xxx.xxx - - [17/May/2014:04:38:46 +0200] "GET / HTTP/1.1" 200 253 "-" "-"
198.20.xxx.xxx - - [17/May/2014:05:24:07 +0200] "GET / HTTP/1.1" 200 319 "-" "-"
198.20.xxx.xxx - - [17/May/2014:05:24:07 +0200] "GET /robots.txt HTTP/1.1" 404 271 "-" "-"
122.155.xxx.xxx - - [17/May/2014:05:42:36 +0200] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 250 "-" "ZmEu"
122.155.xxx.xxx - - [17/May/2014:05:42:37 +0200] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 238 "-" "ZmEu"
122.155.xxx.xxx - - [17/May/2014:05:42:38 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 238 "-" "ZmEu"
122.155.xxx.xxx - - [17/May/2014:05:42:39 +0200] "GET /pma/scripts/setup.php HTTP/1.1" 404 234 "-" "ZmEu"
122.155.xxx.xxx - - [17/May/2014:05:42:40 +0200] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 237 "-" "ZmEu"
122.155.xxx.xxx - - [17/May/2014:05:42:40 +0200] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 237 "-" "ZmEu"
Code: Select all
[Sat May 17 15:33:14 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 4 idle, and 20 total children
[Sat May 17 15:53:06 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 3 idle, and 25 total children
[Sat May 17 16:46:12 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 4 idle, and 34 total children
[Sat May 17 17:09:19 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 4 idle, and 26 total children
[Sat May 17 17:12:55 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 3 idle, and 29 total children
[Sat May 17 17:14:30 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 4 idle, and 28 total children
[Sat May 17 17:15:09 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 0 idle, and 27 total children
[Sat May 17 17:21:44 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 2 idle, and 34 total children
[Sat May 17 17:24:42 2014] [notice] Graceful restart requested, doing restart
[Sat May 17 17:24:42 2014] [error] (9)Bad file descriptor: apr_socket_accept: (client socket)
apache: Could not reliably determine the server's fully qualified domain name, using 192.168.77.2 for ServerName
[Sat May 17 17:24:42 2014] [info] Init: Seeding PRNG with 512 bytes of entropy
[Sat May 17 17:24:42 2014] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Sat May 17 17:24:42 2014] [info] Init: Generating temporary DH parameters (512/1024 bits)
[Sat May 17 17:24:42 2014] [info] Shared memory session cache initialised
[Sat May 17 17:24:42 2014] [info] Init: Initializing (virtual) servers for SSL
[Sat May 17 17:24:42 2014] [info] mod_ssl/2.2.14 compiled against Server: Apache/2.2.14, Library: OpenSSL/1.0.1e
[Sat May 17 17:24:42 2014] [notice] Apache/2.2.14 (Unix) DAV/2 PHP/5.3.26 mod_ssl/2.2.14 OpenSSL/1.0.1e configured -- resuming normal operations
[Sat May 17 17:24:42 2014] [info] Server built: Apr 10 2014 01:32:01
Code: Select all
.....................
178.63.xxx.xxx - - [17/May/2014:16:47:37 +0200] "GET /robots.txt HTTP/1.0" 200 98
178.63.xxx.xxx - - [17/May/2014:16:47:42 +0200] "GET /direct/1919-website-79155-22-12-gently-stropn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 -
178.63.xxx.xxx - - [17/May/2014:16:47:45 +0200] "GET /direct/1919-website-31460-04-31-collom-z%C3%A1v%C4%9Bsn%C3%A9-sv%C3%ADtet.html HTTP/1.0" 200 37725
157.55.xxx.xxx - - [17/May/2014:16:47:47 +0200] "GET /direct/65-st%C3%ADnidla HTTP/1.1" 200 7713
157.55.xxx.xxx - - [17/May/2014:16:47:48 +0200] "GET /direct/9-koupelnov%C3%A1-sv%C3%ADtidla HTTP/1.1" 200 5001
178.63.xxx.xxx - - [17/May/2014:16:47:50 +0200] "GET /direct/1928-website-13408-12-12-atomita-z%C3%A1v%C4%9Bsn%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26
157.55.xxx.xxx - - [17/May/2014:16:47:49 +0200] "GET /direct/?mobile_theme_ok HTTP/1.1" 200 2905
178.63.xxx.xxx - - [17/May/2014:16:47:53 +0200] "GET /direct/1928-website-31320-02-21-berkley-z%C3%A1v%C4%9Bsn%C3%A9-sv%C3%ADtet.html HTTP/1.0" 200 8918
37.140.xxx.xxx - - [17/May/2014:16:48:00 +0200] "GET /direct/kosik?add=1&id_product=2787&token=fbab0edb6306231c49405d773288c3a6 HTTP/1.1" 200 4725
178.63.xxx.xxx - - [17/May/2014:16:48:05 +0200] "GET /direct/195-website-12946-22-12-arduno-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:48:08 +0200] "GET /direct/195-website-17953-74-12-sv%C3%ADtet.html HTTP/1.0" 404 4745
178.63.xxx.xxx - - [17/May/2014:16:48:11 +0200] "GET /robots.txt HTTP/1.0" 200 98
178.63.xxx.xxx - - [17/May/2014:16:48:16 +0200] "GET /direct/1953-website-33708-25-12-atoma-stojac%C3%AD-sve.html HTTP/1.0" 301 -
178.63.xxx.xxx - - [17/May/2014:16:48:19 +0200] "GET /direct/1953-website-71399-05-97-dorint-z%C3%A1v%C4%9Bsn%C3%A9-sv%C3%ADtet.html HTTP/1.0" 200 37730
178.63.xxx.xxx - - [17/May/2014:16:48:23 +0200] "GET /direct/196-website-12946-21-12-arduno-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:48:25 +0200] "GET /direct/196-website-17953-73-12-sv%C3%ADtet.html HTTP/1.0" 404 4743
178.63.xxx.xxx - - [17/May/2014:16:48:29 +0200] "GET /direct/1974-website-31741-01-30-cri-stojac%C3%AD-sve.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:48:33 +0200] "GET /direct/1974-website-13000-16-36-sv%C3%ADtet.html HTTP/1.0" 404 4759
178.63.xxx.xxx - - [17/May/2014:16:48:36 +0200] "GET /direct/1982-website-14550-81-85-kaddy-stoln?-sve.html HTTP/1.0" 302 26
178.63.xxx.xxx - - [17/May/2014:16:48:40 +0200] "GET /direct/stranka-nenalezena HTTP/1.0" 404 4940
178.63.xxx.xxx - - [17/May/2014:16:48:43 +0200] "GET /direct/199-website-12122-06-03-birdies-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:48:46 +0200] "GET /direct/199-website-17904-74-12-sv%C3%ADtet.html HTTP/1.0" 404 4745
178.63.xxx.xxx - - [17/May/2014:16:48:49 +0200] "GET /direct/203-website-79160-29-12-harco-stropn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:48:51 +0200] "GET /direct/203-website-27813-02-30-sv%C3%ADtet-venkovn%C3%AD.html HTTP/1.0" 200 8695
178.63.xxx.xxx - - [17/May/2014:16:48:55 +0200] "GET /direct/2031-website-12944-21-30-magnet-spot-led-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:48:58 +0200] "GET /direct/2031-website-22610-02-36-tuba-led-sv%C3%ADtet.html HTTP/1.0" 404 4764
178.63.xxx.xxx - - [17/May/2014:16:49:01 +0200] "GET /direct/2032-website-79157-32-60-kirsten-stropn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:49:03 +0200] "GET /direct/2032-website-28907-22-31-brice-led-vestavn%C3%A9-sv%C3%ADtet.html HTTP/1.0" 200 8968
178.63.xxx.xxx - - [17/May/2014:16:49:09 +0200] "GET /direct/2036-website-79105-02-72-rasti-stropn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:49:13 +0200] "GET /direct/2036-website-22906-23-31-led-set-vestavn%C3%A9-sv%C3%ADtet-set-3ks.html HTTP/1.0" 200 8982
178.63.xxx.xxx - - [17/May/2014:16:49:17 +0200] "GET /direct/2037-website-79105-03-72-rasti-stropn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:49:22 +0200] "GET /direct/2037-website-22906-23-12-led-set-vestavn%C3%A9-sv%C3%ADtet-set-3ks.html HTTP/1.0" 404 4764
178.63.xxx.xxx - - [17/May/2014:16:49:25 +0200] "GET /direct/205-website-12917-25-12-torino-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:49:27 +0200] "GET /direct/205-website-27813-01-30-sv%C3%ADtet-venkovn%C3%AD.html HTTP/1.0" 404 4746
178.63.xxx.xxx - - [17/May/2014:16:49:31 +0200] "GET /direct/206-website-12917-25-13-torino-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:49:35 +0200] "GET /direct/206-website-27813-01-36-sv%C3%ADtet-venkovn%C3%AD.html HTTP/1.0" 200 8691
178.63.xxx.xxx - - [17/May/2014:16:49:39 +0200] "GET /direct/213-website-12917-22-13-torino-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:49:43 +0200] "GET /direct/213-website-12995-24-72-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 404 4745
178.63.xxx.xxx - - [17/May/2014:16:49:47 +0200] "GET /direct/2170-website-12944-14-30-magnet-spot-led-sv%C3%ADtet.html HTTP/1.0" 404 4760
178.63.xxx.xxx - - [17/May/2014:16:49:51 +0200] "GET /direct/2174-website-26901-71-30-viny-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:49:54 +0200] "GET /direct/2174-website-12944-24-30-magnet-spot-led-sv%C3%ADtet.html HTTP/1.0" 404 4760
178.63.xxx.xxx - - [17/May/2014:16:49:57 +0200] "GET /direct/2178-website-21400-33-67-leone-z%C3%A1v%C4%9Bsn%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:50:07 +0200] "GET /direct/2178-website-17943-21-12-cargo-led-sv%C3%ADtet.html HTTP/1.0" 200 8925
178.63.xxx.xxx - - [17/May/2014:16:50:12 +0200] "GET /direct/2181-website-18712-02-31-kizmo-stojac%C3%AD-sve.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:50:13 +0200] "GET /direct/2181-website-12916-22-12-noxx-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 200 8908
178.63.xxx.xxx - - [17/May/2014:16:50:21 +0200] "GET /direct/2182-website-18713-02-31-kizmo-stojac%C3%AD-sve.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:50:24 +0200] "GET /direct/2182-website-12916-21-12-noxx-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 200 8909
178.63.xxx.xxx - - [17/May/2014:16:50:30 +0200] "GET /direct/2183-website-12121-06-03-birdies-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:50:34 +0200] "GET /direct/2183-website-12916-13-12-noxx-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 200 8911
178.63.xxx.xxx - - [17/May/2014:16:50:40 +0200] "GET /direct/22-li??-syst??my HTTP/1.0" 301 26
37.140.xxx.xxx - - [17/May/2014:16:50:42 +0200] "GET /robots.txt HTTP/1.1" 200 98
178.63.xxx.xxx - - [17/May/2014:16:50:45 +0200] "GET /direct/22-li%C5%A1tov%C3%A9-syst%C3%A9my HTTP/1.0" 404 4824
37.140.xxx.xxx - - [17/May/2014:16:50:46 +0200] "GET /direct/kosik?add=1&id_product=3036&token=fbab0edb6306231c49405d773288c3a6 HTTP/1.1" 200 4727
178.63.xxx.xxx - - [17/May/2014:16:50:51 +0200] "GET /direct/22-li?-syst??my HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:50:53 +0200] "GET /direct/22-li%C5%A1tov%C3%A9-syst%C3%A9my HTTP/1.0" 404 4824
178.63.xxx.xxx - - [17/May/2014:16:50:58 +0200] "GET /direct/223-website-28852-23-31-kwinto-venkovn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:51:01 +0200] "GET /direct/223-website-11953-13-31-sv%C3%ADtet.html HTTP/1.0" 404 4745
178.63.xxx.xxx - - [17/May/2014:16:51:04 +0200] "GET /direct/225-website-10873-50-12-dock-venkovn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:51:07 +0200] "GET /direct/225-website-12993-23-11-sv%C3%ADtet.html HTTP/1.0" 404 4746
178.63.xxx.xxx - - [17/May/2014:16:51:12 +0200] "GET /direct/2285-website-78260-02-97-luberon-n%C3%A1st%C4%9Bnn%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:51:14 +0200] "GET /direct/2285-website-16953-03-36-birk-led-sv%C3%ADtet.html HTTP/1.0" 200 8941
178.63.xxx.xxx - - [17/May/2014:16:51:17 +0200] "GET /robots.txt HTTP/1.0" 200 98
178.63.xxx.xxx - - [17/May/2014:16:51:22 +0200] "GET /direct/229-website-12919-13-96-sv%C3%ADtet.html HTTP/1.0" 301 -
178.63.xxx.xxx - - [17/May/2014:16:51:25 +0200] "GET /direct/229-website-23724-01-31-sv%C3%ADtet.html HTTP/1.0" 200 36374
178.63.xxx.xxx - - [17/May/2014:16:51:30 +0200] "GET /direct/2291-website-31642-71-39-comet-stoln%C3%AD-sve.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:51:35 +0200] "GET /direct/2291-website-17949-21-11-lana-led-sv%C3%ADtet.html HTTP/1.0" 200 8887
178.63.xxx.xxx - - [17/May/2014:16:51:40 +0200] "GET /direct/2294-website-31734-02-31-chapeau-stojac%C3%AD-sve.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:51:42 +0200] "GET /direct/2294-website-26950-21-09-mini-comet-led-sv%C3%ADtet.html HTTP/1.0" 200 8953
178.63.xxx.xxx - - [17/May/2014:16:51:46 +0200] "GET /direct/2295-website-31734-02-30-chapeau-stojac%C3%AD-sve.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:51:50 +0200] "GET /direct/2295-website-26950-22-09-mini-comet-led-sv%C3%ADtet.html HTTP/1.0" 200 8960
178.63.xxx.xxx - - [17/May/2014:16:51:54 +0200] "GET /direct/2303-website-28856-21-30-jura-venkovn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:52:00 +0200] "GET /direct/2303-website-70564-01-30-sv%C3%ADtet.html HTTP/1.0" 200 8912
178.63.xxx.xxx - - [17/May/2014:16:52:04 +0200] "GET /direct/2353-website-78502-01-01-arabba-stoln%C3%AD-sve.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:52:08 +0200] "GET /direct/2353-website-12685-21-12-geos-stoln%C3%AD-sve.html HTTP/1.0" 200 8898
178.63.xxx.xxx - - [17/May/2014:16:52:14 +0200] "GET /direct/2354-website-78502-01-09-arabba-stoln%C3%AD-sve.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:52:17 +0200] "GET /direct/2354-website-12685-21-03-geos-stoln%C3%AD-sve.html HTTP/1.0" 200 8897
178.63.xxx.xxx - - [17/May/2014:16:52:25 +0200] "GET /direct/2357-website-12619-22-12-bergamo-stoln%C3%AD-sve.html HTTP/1.0" 404 4756
178.63.xxx.xxx - - [17/May/2014:16:52:28 +0200] "GET /direct/2360-website-17947-71-12-ribo-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:52:30 +0200] "GET /direct/2360-website-16633-21-12-anga-stoln%C3%AD-sve.html HTTP/1.0" 200 8896
178.63.xxx.xxx - - [17/May/2014:16:52:38 +0200] "GET /direct/2361-website-17947-72-12-ribo-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26
37.58.xxx.xxx - - [17/May/2014:16:52:41 +0200] "GET /direct/1908-website-61455-50-41-cliff-záv& HTTP/1.1" 404 4940
178.63.xxx.xxx - - [17/May/2014:16:52:41 +0200] "GET /direct/2361-website-16633-21-03-anga-stoln%C3%AD-sve.html HTTP/1.0" 200 8889
178.63.xxx.xxx - - [17/May/2014:16:52:47 +0200] "GET /direct/2362-website-17947-73-12-ribo-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:52:53 +0200] "GET /direct/2362-website-17558-81-31-swing-stoln%C3%AD-sve.html HTTP/1.0" 200 8900
178.63.xxx.xxx - - [17/May/2014:16:52:58 +0200] "GET /direct/2363-website-17947-74-12-ribo-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:53:01 +0200] "GET /direct/2363-website-31541-01-39-cri-stoln%C3%AD-sve.html HTTP/1.0" 200 8853
178.63.xxx.xxx - - [17/May/2014:16:53:06 +0200] "GET /direct/2388-website-61006-45-38-pince-st%C3%ADnidlo.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:53:07 +0200] "GET /direct/2388-website-17558-81-43-swing-stoln%C3%AD-sve.html HTTP/1.0" 200 8901
178.63.xxx.xxx - - [17/May/2014:16:53:14 +0200] "GET /direct/2390-website-61003-45-38-pince-st%C3%ADnidlo.html HTTP/1.0" 301 26
178.63.xxx.xxx - - [17/May/2014:16:53:16 +0200] "GET /direct/2390-website-12679-01-97-anfy-stoln%C3%AD-sve.html HTTP/1.0" 200 8883
178.63.xxx.xxx - - [17/May/2014:16:53:20 +0200] "GET...............
- pwilson
- Guru
- Posts: 22533
- Joined: Fri Mar 06, 2009 11:20 am
- Location: Victoria, BC, Canada (UTC-08:00)
Re: Apache Processes using 100% CPU Time
So "whitelist" all the Czech IP ranges that are likely to access your NAS. This will prevent all non-Czech IP addresses from connecting to your WebServer. Obviously it is best to do this in your Router, but if your Router doesn't have a decent Firewall on it, simply use the Network Access Protection feature of the NAS.jan.lex wrote:It is attack on webserver.
My webs are czech language.
99,5% guests are from Czech Republic.
61.191.xxx.xxx - China
198.20.xxx.xxx - UNITED STATES
122.155.xxx.xxx - THAILAND
178.63.xxx.xxx - GERMANY
157.55.xxx.xxx - UNITED STATES
37.140.xxx.xxx - RUSSIAN FEDERATION
37.58.xxx.xxx - NETHERLANDS
Apache access log:Apache error log:Code: Select all
61.191.xxx.xxx - - [17/May/2014:04:38:27 +0200] "GET /muieblackcat HTTP/1.1" 404 229 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:28 +0200] "GET //phpAdmin/scripts/setup.php HTTP/1.1" 404 237 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:28 +0200] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 404 238 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:29 +0200] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 404 238 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:29 +0200] "GET //myadmin/scripts/setup.php HTTP/1.1" 404 237 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:30 +0200] "GET //mysql/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:31 +0200] "GET //mysqladmin/scripts/setup.php HTTP/1.1" 404 239 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:31 +0200] "GET //web/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:32 +0200] "GET //websql/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:32 +0200] "GET //pMA/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:33 +0200] "GET //MyAdmin/scripts/setup.php HTTP/1.1" 404 237 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:34 +0200] "GET //PHPMYADMIN/scripts/setup.php HTTP/1.1" 404 239 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:35 +0200] "GET //PMA/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:36 +0200] "GET //SQL/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:37 +0200] "GET //db/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:37 +0200] "GET //dbadmin/scripts/setup.php HTTP/1.1" 404 237 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:39 +0200] "GET //pHpMyAdMiN/scripts/setup.php HTTP/1.1" 404 239 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:41 +0200] "GET //pma/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:42 +0200] "GET //sql/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:42 +0200] "GET //MySQLAdmin/scripts/setup.php HTTP/1.1" 404 240 "-" "-" 61.191.xxx.xxx - - [17/May/2014:04:38:46 +0200] "GET / HTTP/1.1" 200 253 "-" "-" 198.20.xxx.xxx - - [17/May/2014:05:24:07 +0200] "GET / HTTP/1.1" 200 319 "-" "-" 198.20.xxx.xxx - - [17/May/2014:05:24:07 +0200] "GET /robots.txt HTTP/1.1" 404 271 "-" "-" 122.155.xxx.xxx - - [17/May/2014:05:42:36 +0200] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 250 "-" "ZmEu" 122.155.xxx.xxx - - [17/May/2014:05:42:37 +0200] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 238 "-" "ZmEu" 122.155.xxx.xxx - - [17/May/2014:05:42:38 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 238 "-" "ZmEu" 122.155.xxx.xxx - - [17/May/2014:05:42:39 +0200] "GET /pma/scripts/setup.php HTTP/1.1" 404 234 "-" "ZmEu" 122.155.xxx.xxx - - [17/May/2014:05:42:40 +0200] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 237 "-" "ZmEu" 122.155.xxx.xxx - - [17/May/2014:05:42:40 +0200] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 237 "-" "ZmEu"
Apache - Active Log on Virtual Host:Code: Select all
[Sat May 17 15:33:14 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 4 idle, and 20 total children [Sat May 17 15:53:06 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 3 idle, and 25 total children [Sat May 17 16:46:12 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 4 idle, and 34 total children [Sat May 17 17:09:19 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 4 idle, and 26 total children [Sat May 17 17:12:55 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 3 idle, and 29 total children [Sat May 17 17:14:30 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 4 idle, and 28 total children [Sat May 17 17:15:09 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 0 idle, and 27 total children [Sat May 17 17:21:44 2014] [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 8 children, there are 2 idle, and 34 total children [Sat May 17 17:24:42 2014] [notice] Graceful restart requested, doing restart [Sat May 17 17:24:42 2014] [error] (9)Bad file descriptor: apr_socket_accept: (client socket) apache: Could not reliably determine the server's fully qualified domain name, using 192.168.77.2 for ServerName [Sat May 17 17:24:42 2014] [info] Init: Seeding PRNG with 512 bytes of entropy [Sat May 17 17:24:42 2014] [info] Init: Generating temporary RSA private keys (512/1024 bits) [Sat May 17 17:24:42 2014] [info] Init: Generating temporary DH parameters (512/1024 bits) [Sat May 17 17:24:42 2014] [info] Shared memory session cache initialised [Sat May 17 17:24:42 2014] [info] Init: Initializing (virtual) servers for SSL [Sat May 17 17:24:42 2014] [info] mod_ssl/2.2.14 compiled against Server: Apache/2.2.14, Library: OpenSSL/1.0.1e [Sat May 17 17:24:42 2014] [notice] Apache/2.2.14 (Unix) DAV/2 PHP/5.3.26 mod_ssl/2.2.14 OpenSSL/1.0.1e configured -- resuming normal operations [Sat May 17 17:24:42 2014] [info] Server built: Apr 10 2014 01:32:01
Code: Select all
..................... 178.63.xxx.xxx - - [17/May/2014:16:47:37 +0200] "GET /robots.txt HTTP/1.0" 200 98 178.63.xxx.xxx - - [17/May/2014:16:47:42 +0200] "GET /direct/1919-website-79155-22-12-gently-stropn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 - 178.63.xxx.xxx - - [17/May/2014:16:47:45 +0200] "GET /direct/1919-website-31460-04-31-collom-z%C3%A1v%C4%9Bsn%C3%A9-sv%C3%ADtet.html HTTP/1.0" 200 37725 157.55.xxx.xxx - - [17/May/2014:16:47:47 +0200] "GET /direct/65-st%C3%ADnidla HTTP/1.1" 200 7713 157.55.xxx.xxx - - [17/May/2014:16:47:48 +0200] "GET /direct/9-koupelnov%C3%A1-sv%C3%ADtidla HTTP/1.1" 200 5001 178.63.xxx.xxx - - [17/May/2014:16:47:50 +0200] "GET /direct/1928-website-13408-12-12-atomita-z%C3%A1v%C4%9Bsn%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26 157.55.xxx.xxx - - [17/May/2014:16:47:49 +0200] "GET /direct/?mobile_theme_ok HTTP/1.1" 200 2905 178.63.xxx.xxx - - [17/May/2014:16:47:53 +0200] "GET /direct/1928-website-31320-02-21-berkley-z%C3%A1v%C4%9Bsn%C3%A9-sv%C3%ADtet.html HTTP/1.0" 200 8918 37.140.xxx.xxx - - [17/May/2014:16:48:00 +0200] "GET /direct/kosik?add=1&id_product=2787&token=fbab0edb6306231c49405d773288c3a6 HTTP/1.1" 200 4725 178.63.xxx.xxx - - [17/May/2014:16:48:05 +0200] "GET /direct/195-website-12946-22-12-arduno-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:48:08 +0200] "GET /direct/195-website-17953-74-12-sv%C3%ADtet.html HTTP/1.0" 404 4745 178.63.xxx.xxx - - [17/May/2014:16:48:11 +0200] "GET /robots.txt HTTP/1.0" 200 98 178.63.xxx.xxx - - [17/May/2014:16:48:16 +0200] "GET /direct/1953-website-33708-25-12-atoma-stojac%C3%AD-sve.html HTTP/1.0" 301 - 178.63.xxx.xxx - - [17/May/2014:16:48:19 +0200] "GET /direct/1953-website-71399-05-97-dorint-z%C3%A1v%C4%9Bsn%C3%A9-sv%C3%ADtet.html HTTP/1.0" 200 37730 178.63.xxx.xxx - - [17/May/2014:16:48:23 +0200] "GET /direct/196-website-12946-21-12-arduno-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:48:25 +0200] "GET /direct/196-website-17953-73-12-sv%C3%ADtet.html HTTP/1.0" 404 4743 178.63.xxx.xxx - - [17/May/2014:16:48:29 +0200] "GET /direct/1974-website-31741-01-30-cri-stojac%C3%AD-sve.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:48:33 +0200] "GET /direct/1974-website-13000-16-36-sv%C3%ADtet.html HTTP/1.0" 404 4759 178.63.xxx.xxx - - [17/May/2014:16:48:36 +0200] "GET /direct/1982-website-14550-81-85-kaddy-stoln?-sve.html HTTP/1.0" 302 26 178.63.xxx.xxx - - [17/May/2014:16:48:40 +0200] "GET /direct/stranka-nenalezena HTTP/1.0" 404 4940 178.63.xxx.xxx - - [17/May/2014:16:48:43 +0200] "GET /direct/199-website-12122-06-03-birdies-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:48:46 +0200] "GET /direct/199-website-17904-74-12-sv%C3%ADtet.html HTTP/1.0" 404 4745 178.63.xxx.xxx - - [17/May/2014:16:48:49 +0200] "GET /direct/203-website-79160-29-12-harco-stropn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:48:51 +0200] "GET /direct/203-website-27813-02-30-sv%C3%ADtet-venkovn%C3%AD.html HTTP/1.0" 200 8695 178.63.xxx.xxx - - [17/May/2014:16:48:55 +0200] "GET /direct/2031-website-12944-21-30-magnet-spot-led-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:48:58 +0200] "GET /direct/2031-website-22610-02-36-tuba-led-sv%C3%ADtet.html HTTP/1.0" 404 4764 178.63.xxx.xxx - - [17/May/2014:16:49:01 +0200] "GET /direct/2032-website-79157-32-60-kirsten-stropn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:49:03 +0200] "GET /direct/2032-website-28907-22-31-brice-led-vestavn%C3%A9-sv%C3%ADtet.html HTTP/1.0" 200 8968 178.63.xxx.xxx - - [17/May/2014:16:49:09 +0200] "GET /direct/2036-website-79105-02-72-rasti-stropn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:49:13 +0200] "GET /direct/2036-website-22906-23-31-led-set-vestavn%C3%A9-sv%C3%ADtet-set-3ks.html HTTP/1.0" 200 8982 178.63.xxx.xxx - - [17/May/2014:16:49:17 +0200] "GET /direct/2037-website-79105-03-72-rasti-stropn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:49:22 +0200] "GET /direct/2037-website-22906-23-12-led-set-vestavn%C3%A9-sv%C3%ADtet-set-3ks.html HTTP/1.0" 404 4764 178.63.xxx.xxx - - [17/May/2014:16:49:25 +0200] "GET /direct/205-website-12917-25-12-torino-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:49:27 +0200] "GET /direct/205-website-27813-01-30-sv%C3%ADtet-venkovn%C3%AD.html HTTP/1.0" 404 4746 178.63.xxx.xxx - - [17/May/2014:16:49:31 +0200] "GET /direct/206-website-12917-25-13-torino-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:49:35 +0200] "GET /direct/206-website-27813-01-36-sv%C3%ADtet-venkovn%C3%AD.html HTTP/1.0" 200 8691 178.63.xxx.xxx - - [17/May/2014:16:49:39 +0200] "GET /direct/213-website-12917-22-13-torino-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:49:43 +0200] "GET /direct/213-website-12995-24-72-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 404 4745 178.63.xxx.xxx - - [17/May/2014:16:49:47 +0200] "GET /direct/2170-website-12944-14-30-magnet-spot-led-sv%C3%ADtet.html HTTP/1.0" 404 4760 178.63.xxx.xxx - - [17/May/2014:16:49:51 +0200] "GET /direct/2174-website-26901-71-30-viny-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:49:54 +0200] "GET /direct/2174-website-12944-24-30-magnet-spot-led-sv%C3%ADtet.html HTTP/1.0" 404 4760 178.63.xxx.xxx - - [17/May/2014:16:49:57 +0200] "GET /direct/2178-website-21400-33-67-leone-z%C3%A1v%C4%9Bsn%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:50:07 +0200] "GET /direct/2178-website-17943-21-12-cargo-led-sv%C3%ADtet.html HTTP/1.0" 200 8925 178.63.xxx.xxx - - [17/May/2014:16:50:12 +0200] "GET /direct/2181-website-18712-02-31-kizmo-stojac%C3%AD-sve.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:50:13 +0200] "GET /direct/2181-website-12916-22-12-noxx-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 200 8908 178.63.xxx.xxx - - [17/May/2014:16:50:21 +0200] "GET /direct/2182-website-18713-02-31-kizmo-stojac%C3%AD-sve.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:50:24 +0200] "GET /direct/2182-website-12916-21-12-noxx-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 200 8909 178.63.xxx.xxx - - [17/May/2014:16:50:30 +0200] "GET /direct/2183-website-12121-06-03-birdies-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:50:34 +0200] "GET /direct/2183-website-12916-13-12-noxx-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 200 8911 178.63.xxx.xxx - - [17/May/2014:16:50:40 +0200] "GET /direct/22-li??-syst??my HTTP/1.0" 301 26 37.140.xxx.xxx - - [17/May/2014:16:50:42 +0200] "GET /robots.txt HTTP/1.1" 200 98 178.63.xxx.xxx - - [17/May/2014:16:50:45 +0200] "GET /direct/22-li%C5%A1tov%C3%A9-syst%C3%A9my HTTP/1.0" 404 4824 37.140.xxx.xxx - - [17/May/2014:16:50:46 +0200] "GET /direct/kosik?add=1&id_product=3036&token=fbab0edb6306231c49405d773288c3a6 HTTP/1.1" 200 4727 178.63.xxx.xxx - - [17/May/2014:16:50:51 +0200] "GET /direct/22-li?-syst??my HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:50:53 +0200] "GET /direct/22-li%C5%A1tov%C3%A9-syst%C3%A9my HTTP/1.0" 404 4824 178.63.xxx.xxx - - [17/May/2014:16:50:58 +0200] "GET /direct/223-website-28852-23-31-kwinto-venkovn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:51:01 +0200] "GET /direct/223-website-11953-13-31-sv%C3%ADtet.html HTTP/1.0" 404 4745 178.63.xxx.xxx - - [17/May/2014:16:51:04 +0200] "GET /direct/225-website-10873-50-12-dock-venkovn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:51:07 +0200] "GET /direct/225-website-12993-23-11-sv%C3%ADtet.html HTTP/1.0" 404 4746 178.63.xxx.xxx - - [17/May/2014:16:51:12 +0200] "GET /direct/2285-website-78260-02-97-luberon-n%C3%A1st%C4%9Bnn%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:51:14 +0200] "GET /direct/2285-website-16953-03-36-birk-led-sv%C3%ADtet.html HTTP/1.0" 200 8941 178.63.xxx.xxx - - [17/May/2014:16:51:17 +0200] "GET /robots.txt HTTP/1.0" 200 98 178.63.xxx.xxx - - [17/May/2014:16:51:22 +0200] "GET /direct/229-website-12919-13-96-sv%C3%ADtet.html HTTP/1.0" 301 - 178.63.xxx.xxx - - [17/May/2014:16:51:25 +0200] "GET /direct/229-website-23724-01-31-sv%C3%ADtet.html HTTP/1.0" 200 36374 178.63.xxx.xxx - - [17/May/2014:16:51:30 +0200] "GET /direct/2291-website-31642-71-39-comet-stoln%C3%AD-sve.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:51:35 +0200] "GET /direct/2291-website-17949-21-11-lana-led-sv%C3%ADtet.html HTTP/1.0" 200 8887 178.63.xxx.xxx - - [17/May/2014:16:51:40 +0200] "GET /direct/2294-website-31734-02-31-chapeau-stojac%C3%AD-sve.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:51:42 +0200] "GET /direct/2294-website-26950-21-09-mini-comet-led-sv%C3%ADtet.html HTTP/1.0" 200 8953 178.63.xxx.xxx - - [17/May/2014:16:51:46 +0200] "GET /direct/2295-website-31734-02-30-chapeau-stojac%C3%AD-sve.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:51:50 +0200] "GET /direct/2295-website-26950-22-09-mini-comet-led-sv%C3%ADtet.html HTTP/1.0" 200 8960 178.63.xxx.xxx - - [17/May/2014:16:51:54 +0200] "GET /direct/2303-website-28856-21-30-jura-venkovn%C3%AD-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:52:00 +0200] "GET /direct/2303-website-70564-01-30-sv%C3%ADtet.html HTTP/1.0" 200 8912 178.63.xxx.xxx - - [17/May/2014:16:52:04 +0200] "GET /direct/2353-website-78502-01-01-arabba-stoln%C3%AD-sve.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:52:08 +0200] "GET /direct/2353-website-12685-21-12-geos-stoln%C3%AD-sve.html HTTP/1.0" 200 8898 178.63.xxx.xxx - - [17/May/2014:16:52:14 +0200] "GET /direct/2354-website-78502-01-09-arabba-stoln%C3%AD-sve.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:52:17 +0200] "GET /direct/2354-website-12685-21-03-geos-stoln%C3%AD-sve.html HTTP/1.0" 200 8897 178.63.xxx.xxx - - [17/May/2014:16:52:25 +0200] "GET /direct/2357-website-12619-22-12-bergamo-stoln%C3%AD-sve.html HTTP/1.0" 404 4756 178.63.xxx.xxx - - [17/May/2014:16:52:28 +0200] "GET /direct/2360-website-17947-71-12-ribo-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:52:30 +0200] "GET /direct/2360-website-16633-21-12-anga-stoln%C3%AD-sve.html HTTP/1.0" 200 8896 178.63.xxx.xxx - - [17/May/2014:16:52:38 +0200] "GET /direct/2361-website-17947-72-12-ribo-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26 37.58.xxx.xxx - - [17/May/2014:16:52:41 +0200] "GET /direct/1908-website-61455-50-41-cliff-záv& HTTP/1.1" 404 4940 178.63.xxx.xxx - - [17/May/2014:16:52:41 +0200] "GET /direct/2361-website-16633-21-03-anga-stoln%C3%AD-sve.html HTTP/1.0" 200 8889 178.63.xxx.xxx - - [17/May/2014:16:52:47 +0200] "GET /direct/2362-website-17947-73-12-ribo-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:52:53 +0200] "GET /direct/2362-website-17558-81-31-swing-stoln%C3%AD-sve.html HTTP/1.0" 200 8900 178.63.xxx.xxx - - [17/May/2014:16:52:58 +0200] "GET /direct/2363-website-17947-74-12-ribo-bodov%C3%A9-sv%C3%ADtet.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:53:01 +0200] "GET /direct/2363-website-31541-01-39-cri-stoln%C3%AD-sve.html HTTP/1.0" 200 8853 178.63.xxx.xxx - - [17/May/2014:16:53:06 +0200] "GET /direct/2388-website-61006-45-38-pince-st%C3%ADnidlo.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:53:07 +0200] "GET /direct/2388-website-17558-81-43-swing-stoln%C3%AD-sve.html HTTP/1.0" 200 8901 178.63.xxx.xxx - - [17/May/2014:16:53:14 +0200] "GET /direct/2390-website-61003-45-38-pince-st%C3%ADnidlo.html HTTP/1.0" 301 26 178.63.xxx.xxx - - [17/May/2014:16:53:16 +0200] "GET /direct/2390-website-12679-01-97-anfy-stoln%C3%AD-sve.html HTTP/1.0" 200 8883 178.63.xxx.xxx - - [17/May/2014:16:53:20 +0200] "GET...............
For example if you whitelist 195.113.80.0/25 (aka 195.113.80.0 - 195.113.80.127) it would allow anyone at Akademie výtvarných umění v Praze to connect to your Web Server from their PC's. Check out Major IP Address Blocks For Czech Republic for a listing of CZ IP ranges you might want to "whitelist".
(It is far easier, and far more effective security wise to whitelist "permitted" sites, than it is to blacklist "banned" ones).
Note: Don't forget to "whitelist" your own local network (192.168.x.1 - 192.168.x.254) in this listing, or you will lock yourself out of your own NAS.
Patrick M. Wilson
Victoria, BC Canada
QNAP TS-470 Pro w/ 4 * Western Digital WD30EFRX WD Reds (RAID5) - - Single 8.1TB Storage Pool FW: QTS 4.2.0 Build 20151023 - Kali Linux v1.06 (64bit)
Forums: View My Profile - Search My Posts - View My Photo - View My Location - Top Community Posters
QNAP: Turbo NAS User Manual - QNAP Wiki - QNAP Tutorials - QNAP FAQs
Please review: When you're asking a question, please include the following.
- schumaku
- Guru
- Posts: 43578
- Joined: Mon Jan 21, 2008 4:41 pm
- Location: Kloten (Zurich), Switzerland -- Skype: schumaku
- Contact:
Re: Apache Processes using 100% CPU Time
Complete illusion to whitelist a Web server...
- pwilson
- Guru
- Posts: 22533
- Joined: Fri Mar 06, 2009 11:20 am
- Location: Victoria, BC, Canada (UTC-08:00)
Re: Apache Processes using 100% CPU Time
How so? (Not arguing, just trying to understand your assertion )schumaku wrote:Complete illusion to whitelist a Web server...
Patrick M. Wilson
Victoria, BC Canada
QNAP TS-470 Pro w/ 4 * Western Digital WD30EFRX WD Reds (RAID5) - - Single 8.1TB Storage Pool FW: QTS 4.2.0 Build 20151023 - Kali Linux v1.06 (64bit)
Forums: View My Profile - Search My Posts - View My Photo - View My Location - Top Community Posters
QNAP: Turbo NAS User Manual - QNAP Wiki - QNAP Tutorials - QNAP FAQs
Please review: When you're asking a question, please include the following.
- schumaku
- Guru
- Posts: 43578
- Joined: Mon Jan 21, 2008 4:41 pm
- Location: Kloten (Zurich), Switzerland -- Skype: schumaku
- Contact:
Re: Apache Processes using 100% CPU Time
Simply because of there is no unified numbering or whatever. There are many ISP, all use different networks, things can change almost daily, ... if you try to build a list of "national" IPv4 networks and think you have finished, you will find more. Not manageable.
- doktornotor
- Ask me anything
- Posts: 7472
- Joined: Tue Apr 24, 2012 5:44 am
Re: Apache Processes using 100% CPU Time
Certainly not by configuring things on QNAP. Unless you have a pretty decent firewall (no, $50 blackbox "router" from ISP does not count), pretty much lost cause, ask ISP for help. I also find it sheer madness to expose this QNAP thing directly on internet. At minimum, you should have the webserver behind a reverse proxy (nginx or whatever) running on something else than QNAP.jan.lex wrote: How can I protect my webserver?
I'm gone from this forum till QNAP stop wasting volunteers' time. Get help from QNAP helpdesk instead.
Warning: offensive signature and materials damaging QNAP reputation follow:
QNAP's FW security issues
QNAP's hardware compatibility list madness
QNAP's new logo competition
Dear QNAP, kindly fire your clueless incompetent forum "admin" And while at it, don't forget the webmaster!
Warning: offensive signature and materials damaging QNAP reputation follow:
QNAP's FW security issues
QNAP's hardware compatibility list madness
QNAP's new logo competition
Dear QNAP, kindly fire your clueless incompetent forum "admin" And while at it, don't forget the webmaster!