It is possible to DoS the server with massive calls of simple babelweb.

Here we generate the dumpfile only once per minute and add a short description to optimize apache2 on Debian (I don't know what you can do if you use nginx).

Signed-off-by: christiand <fff@chrisi01.de>
Signed-off-by: Robert Langhammer <rlanghammer@web.de>
Robert Langhammer 2019-11-24 23:42:28 +01:00
parent 5947228548
commit 509846fa0b
2 changed files with 8 additions and 1 deletions

@ -13,3 +13,7 @@ The haserl version for slim devices without php
### Requirements
* haserl
* netcat with ipv6 support
## Apache 2 settings
To avoid OOM Killer it's usefull to reduce the MaxConnectionsPerChild on apache2. On Debian open /etc/apache2/mods-enabled/mpm_prefork.conf and reduce MaxConnectionsPerChild.
Do not use more then 10 MaxConnectionsPerChild per Gigabyte RAM on your System.
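Review bot: In the added "Apache 2 settings" paragraph, MaxConnectionsPerChild is the wrong knob for the sizing rule given: it sets how many connections one child serves before it is recycled, not how many children run at once. With mpm_prefork, the number of simultaneous processes (and so peak memory) is capped by MaxRequestWorkers, so the "10 per Gigabyte RAM" rule reads as if it was meant for that directive; please confirm which one was tested and name it. Smaller points: "usefull" should be "useful", "more then" should be "more than", and the new `## Apache 2 settings` heading sits one level above `### Requirements` and directly under the list with no blank line, in the section described as the haserl version without php, so say which variant the advice applies to.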

@ -23,7 +23,10 @@
<?php
error_reporting(0);
$file="/tmp/babeldump";
shell_exec('echo "dump" | nc ::1 33123 -q 1 > '.$file.'');
if (filemtime($file) < time()-10) {
shell_exec('echo "dump" | nc ::1 33123 -q 1 > '.$file.'');
}
$file_handle = fopen($file, 'r');
$set=0;
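Review bot: The freshness check `if (filemtime($file) < time()-10)` caches the dump for 10 seconds, while the commit message says once per minute; pick one and put it in a named constant (60 if a minute is intended). The refresh itself is still unguarded: every request that arrives while the file is stale runs `nc`, and the shell `>` redirect truncates `/tmp/babeldump` in place, so a concurrent `fopen($file, 'r')` can read an empty or partial dump. Write to a temporary file and `rename()` it over `$file`, and hold an `flock()` around the refresh so only one request queries babeld at a time. Because `error_reporting(0)` hides the warning when the file does not exist yet, the first-run path depends on `filemtime()` returning false; an explicit `file_exists()` check would make that intent visible. A fixed name in world-writable /tmp can also be pre-created by another local user, so a directory owned by the web server account is a safer location.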