question about nginx, slowloris and fastcgi
Michiel van Es
info at pcintelligence.nl
Wed Jul 1 17:19:08 MSD 2009
-------- Original Message --------
Subject: Re: question about nginx, slowloris and fastcgi
From: Maxim Dounin <mdounin at mdounin.ru>
To: nginx at sysoev.ru
Date: 07/01/2009 02:30 PM
> Hello!
>
> On Wed, Jul 01, 2009 at 01:59:31PM +0200, Michiel van Es wrote:
>
>> Hi,
>>
>> i am new to Nginx and I am testing the latest stable Nginx as webserver
>> with slowloris.
>> When I test slowloris on my php enabled website I see Nginx running to
>> 100% and get the following error:
>>
>> 500 Internal Server Error
>>
>> I don't think Nginx crashes (although the 100% cpu concerns me) but I
>> think fastcgi/php is crashing.
>
> What's in error_log?
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
>
> Symptoms suggest that you've run out of file descriptors in your
> OS. At start nginx tries to warn you about the problem if
> worker_connections are more than open file resource limit, but
> even this isn't enough (since every connection usually allocates at
> leas 2 file descriptors, and system-wide limit for all processes
> isn't taken into account).
You're right but how can I stop this?
Or how canI stop the slowloris attack..is it php fastcgi which is
vulnerable to the slowloris DoS?
>
> Maxim Dounin
Michiel
>
>> Are other people using Nginx and fastcgi/php are also experiencing this
>> behaviour and is there a fix to ensure that my website is still running
>> when slowloris is checking?
>>
>> Kind regards,
>>
>> Michiel
>>
>>
>
More information about the nginx
mailing list