Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 254
  • Last Modified:

403 Errors if many requests within seconds

Hello, my server is really giving me a headache!

I have a webpage with about 100 peripheral files (JS, CSS, jpg etc.)

Many site visitors have been complaining that they receive 403 errors.

If you refresh the page too quickly, you will get a 403 error ALMOST EVERY TIME.

Refresh the page 5 times in a row and you will be sure to get a 403 error.

Sometimes only half the images will load, and the others will be broken because of 403 errors.

My theory is that the server thinks that my visitors are hackers because they are making so many requests within a second.

By the way, I don't get this complaint at all from dial-up users-- the faster my visitor's high-speed connection, the more likely they are to get a 403 error.

Here are some key settings from my httpd.conf

        Timeout 300
        KeepAlive On
        MaxKeepAliveRequests 100
        KeepAliveTimeout 15
        MinSpareServers 5
        MaxSpareServers 10
        StartServers 5
        MaxClients 150
        MaxRequestsPerChild 0
        LoadModule expires_module            libexec/mod_expires.so
        LoadModule bwlimited_module           libexec/mod_bwlimited.so
        LoadModule bytes_log_module           libexec/mod_log_bytes.so
        LoadModule auth_passthrough_module      libexec/mod_auth_passthrough.so
        LoadModule evasive_module            libexec/mod_evasive.so


Please help! Thanks.
0
hankknight
Asked:
hankknight
  • 2
  • 2
1 Solution
 
giltjrCommented:
Have you looked in your Apache logs to see if Apache is complaining about something?

Is your sever sized for the number of visitors?
0
 
hankknightAuthor Commented:
Hello,

>> Have you looked in your Apache logs to see if Apache is complaining about something?

Yes, and the only relevant information in the server logs is this:
               "client denied by server configuration"
In fact, by error log has almost NOTHING in it except hundreds of those errors.

>> Is your sever sized for the number of visitors?

Yes, I have a dedicated server with an Athlon MP processor and 1 gig or ram...  I have monitored my CPU and memory usage and neither have even spiked above a quarter of what is available.

I know absolutely NOTHING about system administration but my guess is that it is either mod evasive or my MaxClients setting.  But because this is a live site I don't want to start messing with things till I know the implications.

0
 
giltjrCommented:
Do you have more than 150 concurrent clients accessing your sever at once?

If you do then you may want to up MaxClients to, say 300 (or just a little bit more than how many ever concurrent clients you know you have), and see if the number of instances goes down or completely disappears.  You also may want to increase MinSpareServers to 10 or 20 and MaxSpareServers to 50.  This will decrease the overhead of stopping and starting processes.

I would also recommend setting MaxRequestsPerChild to something other than 0.  The defualt is 10000, so that should be a fine number to use.  If you set it to 0, then  the processes will never die and if you happen to have a memory leak you could chew up enough memory to cause serious system problems.  The 10,000 says that after 10,000 request,s stop this process and start a new one when needed.

0
 
hankknightAuthor Commented:
Thank you.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now