[Hcoop-discuss] CGI/PHP script security
Karl Chen
quarl at cs.berkeley.edu
Sat Dec 17 18:11:07 EST 2005
>>>>> On 2005-12-17 05:34 PST, Ntk writes:
Ntk> As I understand it, and as discussed before, the problem
Ntk> is not a script hogging CPU time, it's someone either
Ntk> maliciously or unintentionally starting a few dozen of
Ntk> these scripts (as simply as opening a link in many
Ntk> windows, or iterating "wget"s), and using up apache
Ntk> processes. Since there is as finite and relatively small
Ntk> upper limit of Apache processes, once these are used up
Ntk> all further web requests will be denied until the other
Ntk> processes finish (in this case 10 seconds).
Oh, okay, I thought the problem was just hosing CPU. In that case
we can limit the number of concurrent requests per IP. I think
mod_dosevasive does that, but there might be something more
appropriate.
Ntk> [..] I think we might see big gains in responsiveness
Ntk> though if we could somehow throttle disk access for the
Ntk> backup to even 75 or 80% of capacity.
rsync --bwlimit
--
Karl 2005-12-17 15:06
More information about the HCoop-Discuss
mailing list