On Mon, Dec 02, 2002 at 12:26:12PM +0100, Mathieu Laurent wrote:
Hi,
My webserver with apache (+ mod_ssl) failed when I receive a worms attack.
I see this message in the error log: [error] [client xxx.xxx.xxx.xxx]
client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /
The father process of apache was killed.
I have the last security packages installed on the webserver for apache
& mod_ssl.
I see the same problem on the mailing list
http://lists.debian.org/debian-security/2002/debian-security-200209/msg00303.html
but I didn't see no clue for this case.
I got a pbm like this (but not really...) on three debian boxes (woody) with apache-ssl.
it seems to appear after a bad reload during logrotate.
it appears:
one time in january on a deb box
one time in july and one other on september on another deb box
one time in october on another deb box
thoses are the only ones and I have a lot of apache-ssl/woody servers
working (maybe 50)
each time I've got the folowing entries in apache logs at logrotate time:
accept_mutex_on: Identifier removed
[alert] Child 4968 returned a Fatal error...
Apache is exiting!
then some hours later (~ 5) apache crashes!!!
My only fix at this time is done by changing reload in logrotate by a
clean stop, sleep, start ... not a good fix, but it's enough and working
for me.
Unfortunatly, I can't debug more as I can't reproduce this and it
doesn't appear very often...