?
Solved

403 Errors if many requests within seconds

Posted on 2006-11-01
4
Medium Priority
?
249 Views
Last Modified: 2012-06-27
Hello, my server is really giving me a headache!

I have a webpage with about 100 peripheral files (JS, CSS, jpg etc.)

Many site visitors have been complaining that they receive 403 errors.

If you refresh the page too quickly, you will get a 403 error ALMOST EVERY TIME.

Refresh the page 5 times in a row and you will be sure to get a 403 error.

Sometimes only half the images will load, and the others will be broken because of 403 errors.

My theory is that the server thinks that my visitors are hackers because they are making so many requests within a second.

By the way, I don't get this complaint at all from dial-up users-- the faster my visitor's high-speed connection, the more likely they are to get a 403 error.

Here are some key settings from my httpd.conf

        Timeout 300
        KeepAlive On
        MaxKeepAliveRequests 100
        KeepAliveTimeout 15
        MinSpareServers 5
        MaxSpareServers 10
        StartServers 5
        MaxClients 150
        MaxRequestsPerChild 0
        LoadModule expires_module            libexec/mod_expires.so
        LoadModule bwlimited_module           libexec/mod_bwlimited.so
        LoadModule bytes_log_module           libexec/mod_log_bytes.so
        LoadModule auth_passthrough_module      libexec/mod_auth_passthrough.so
        LoadModule evasive_module            libexec/mod_evasive.so


Please help! Thanks.
0
Comment
Question by:hankknight
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 17849375
Have you looked in your Apache logs to see if Apache is complaining about something?

Is your sever sized for the number of visitors?
0
 
LVL 16

Author Comment

by:hankknight
ID: 17849572
Hello,

>> Have you looked in your Apache logs to see if Apache is complaining about something?

Yes, and the only relevant information in the server logs is this:
               "client denied by server configuration"
In fact, by error log has almost NOTHING in it except hundreds of those errors.

>> Is your sever sized for the number of visitors?

Yes, I have a dedicated server with an Athlon MP processor and 1 gig or ram...  I have monitored my CPU and memory usage and neither have even spiked above a quarter of what is available.

I know absolutely NOTHING about system administration but my guess is that it is either mod evasive or my MaxClients setting.  But because this is a live site I don't want to start messing with things till I know the implications.

0
 
LVL 57

Accepted Solution

by:
giltjr earned 2000 total points
ID: 17849973
Do you have more than 150 concurrent clients accessing your sever at once?

If you do then you may want to up MaxClients to, say 300 (or just a little bit more than how many ever concurrent clients you know you have), and see if the number of instances goes down or completely disappears.  You also may want to increase MinSpareServers to 10 or 20 and MaxSpareServers to 50.  This will decrease the overhead of stopping and starting processes.

I would also recommend setting MaxRequestsPerChild to something other than 0.  The defualt is 10000, so that should be a fine number to use.  If you set it to 0, then  the processes will never die and if you happen to have a memory leak you could chew up enough memory to cause serious system problems.  The 10,000 says that after 10,000 request,s stop this process and start a new one when needed.

0
 
LVL 16

Author Comment

by:hankknight
ID: 17868464
Thank you.
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
If you've heard about htaccess and it sounds like it does what you want, but you're not sure how it works... well, you're in the right place. Read on. Some Basics #1. It's a file and its filename is .htaccess (yes, with a dot in the front). #…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month9 days, 14 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question