Nginx hang and do not respond with large number of network connection in FIN_WAIT state

gnusys nginx-forum at
Fri Jan 11 04:19:10 UTC 2019

The domain is proxied over cloudflare and the access log shows a large
number of requests to the website from the cloudflare servers


the requests were all GET /  and the rate at which it is done mostly is
extremely high pointing to a Layer 7 attack

We cant block the cloudflare IP's on the server as other sites (its a shared
hosting server) may be using Cloudflare . At the moment the target IP on the
server is blocked at the network level.Luckily the domain was using a
dedicated IP

As I already said, Apache handles this pretty well , the only small issue I
see is the server load getting a bit above normal and the Apache scoreboard
getting filled up, but with Nginx the entire webstack freeze with the
CLOSE_WAIT state and ESTABLISHED state extremely high and we can bring back
things to normal only after disabling Nginx . Once Nginx is disabled, the
CLOSE_WAIT and ESTABLISHED states clear off immediately too

Posted at Nginx Forum:,282613,282649#msg-282649

More information about the nginx mailing list