[Bug 839569] Re: Apache2 is still Range header DoS vulnerable if gzip compression is enabled
Upen
upendra.gandhi at gmail.com
Thu Sep 8 15:19:52 UTC 2011
In addition to my earlier comment and after reading other comments, I'd like to add now that I changed MaxClients for apache2( In Pre fork MPM ) on my virtual Lucid and restarted apache2. Ran killapache but this time the load on system didn't go high, and apache2 processes were limited to 3(observed using top command).
Before setting MaxClients I ran a guideline script from
http://rimuhosting.com/howto/memory.jsp to find MaxClient number that I
can use on my lucid. Script showed me number 3 and was surprised why so
low as the default is 150 :). Anyways looking at free physical memory
may be it makes sense to use 3 on system.
So I am now certain that in my case it was unhealthy configuration of
apache2 that was the cause that made fully patched Lucid system die
after running against kill apache script. And, even after using 1000
forks in killapache script my Lucid continued to stay in good health.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/839569
Title:
Apache2 is still Range header DoS vulnerable if gzip compression is
enabled
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/839569/+subscriptions
More information about the Ubuntu-server-bugs
mailing list