1. Poor scripts
Look in error_log or php_error.log for something suspicious
2. Increase of visitors (the holiday is off)
I'm use to such increase of traffic in this month
3. Attacks
Look for suspicious connections. A ps -ax|grep -c httpd could tell you
how many apache child are running. If you rich the max number of
clients it could be a problem.
Try
netstat -ntu | grep SYN_RECV | awk '{print $5}' | cut -d: -f1 | sort |
uniq -c | sort -nr to see how many connections you have/ip
Apachetop could be a better tool for analyzing the apache load. you
can see the top requested files/sites
It can also be e matter of suddenly increase the number off visitors
versus the ability of the apache server to provide requested child
processes. For this matter look for the configuration options
KeepAliveTimeout
MinSpareServers
MaxSpareServers
StartServers
MaxClients
MaxRequestsPerChild
Also it could be a good ideea to limit the traffic. You can try
mod_evasive, mod_gzip, mod_expires, etc
MaxClients 500 could be useless (I may be wrong but from what I know
is a hard coded limit in apache source code HARD_SERVER_LIMIT who is
set to 250 so if you want to raise that limit you must recompile your
apache)
MaxRequestsPerChild 0 it say that once a child is created he can stay
up and running for infinite time. It could be better to limit this ,
let say to 10000 in order to force apache to kill a stressed child and
start a fresh one.
MinSpareServers 25 in my opinion is a little bit high. Practically you
force apache to keep free 25 servers any time. Try to set this
parameter to something like 10 or 15
Ther is a lot of literature about those parameters and how is the best
way to set them bun ther is not a clear solutions so the best practice
is to start playing with them and look for what happen.
2 comments:
I see that apache users list provide you a good inspiration
Post a Comment