Bug#688024: apache2-mpm-worker & proxy_ajp - too many "W" Sending Reply" threads
Package: apache2.2-bin
Version: 2.2.16-6+squeeze7
Severity: normal
Tags: squeeze
Hi.
I use Apache HTTPD server in front of Apache Tomcat with proxy_ajp.
Recently I added mod evasive to prevent DoS attack and blockinig sources of that attack
with iptables with following configuration:
<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 5
DOSSiteCount 500
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSSystemCommand "sudo /sbin/iptables -A INPUT -i eth0 -p tcp --dport 80 -s %s -j DROP"
</IfModule>
After that I noticed that apache server has a lot of "W" Sending Reply" threads (on mod status) and
these threads tried to serve requests from blocked IP addresses.
I tried to reproduce this problem on Wheezy (Apache 2.2.22), but there the problem seems solved.
Could you fix this problem for Squeezy too ?
-- System Information:
Debian Release: 6.0.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages apache2.2-bin depends on:
ii libapr1 1.4.2-6+squeeze4 The Apache Portable Runtime Librar
ii libaprutil1 1.3.9+dfsg-5 The Apache Portable Runtime Utilit
ii libaprutil1-dbd-sqlite 1.3.9+dfsg-5 The Apache Portable Runtime Utilit
ii libaprutil1-ldap 1.3.9+dfsg-5 The Apache Portable Runtime Utilit
ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib
ii libcap2 1:2.19-3 support for getting/setting POSIX.
ii libldap-2.4-2 2.4.23-7.2 OpenLDAP libraries
ii libpcre3 8.02-1.1 Perl 5 Compatible Regular Expressi
ii libssl0.9.8 0.9.8o-4squeeze13 SSL shared libraries
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
apache2.2-bin recommends no packages.
apache2.2-bin suggests no packages.
-- no debconf information
Reply to: