Nginx hang and do not respond with large number of network connection in FIN_WAIT state
gnusys
nginx-forum at forum.nginx.org
Fri Jan 11 04:19:10 UTC 2019
The domain is proxied over cloudflare and the access log shows a large
number of requests to the website from the cloudflare servers
121115 162.158.88.4
121472 162.158.89.99
121697 162.158.90.176
122265 162.158.91.97
122969 162.158.93.113
125020 162.158.91.103
126132 162.158.90.194
128913 162.158.91.25
128980 162.158.93.89
the requests were all GET / and the rate at which it is done mostly is
extremely high pointing to a Layer 7 attack
We cant block the cloudflare IP's on the server as other sites (its a shared
hosting server) may be using Cloudflare . At the moment the target IP on the
server is blocked at the network level.Luckily the domain was using a
dedicated IP
As I already said, Apache handles this pretty well , the only small issue I
see is the server load getting a bit above normal and the Apache scoreboard
getting filled up, but with Nginx the entire webstack freeze with the
CLOSE_WAIT state and ESTABLISHED state extremely high and we can bring back
things to normal only after disabling Nginx . Once Nginx is disabled, the
CLOSE_WAIT and ESTABLISHED states clear off immediately too
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,282613,282649#msg-282649
More information about the nginx
mailing list