apache and phpbb..
13 April 2005, 09:07 AM
#3
Nothing is showing in the error log.. i think i understand now what is happening..
My forum gets indexed by seach engines, and I believe they are using up all the valid connections... when either another search engine trys to connect or a user, the website seems to drop all connections, thus freeing them up.
How can I increase the number of connections allowd? or stop this from happening?
I am using win2k with the latest version of apache 1.
My forum gets indexed by seach engines, and I believe they are using up all the valid connections... when either another search engine trys to connect or a user, the website seems to drop all connections, thus freeing them up.
How can I increase the number of connections allowd? or stop this from happening?
I am using win2k with the latest version of apache 1.
13 April 2005, 09:17 AM
#4
Scooby Regular
What kind of connections are being used up, database connections (from the BBS software to the database) or HTTP connections (from the user's web browser to your webserver) ?
Either way I'd expect there to be some kind of error logged. If "MaxClients" is being exceeded then you'll get some webserver error saying it's too busy (and that being noted in the error_log). If it's the BBS software running out of db connections I'd still expect that to log to STDERR which would fall into the error_log.
You can prevent spiders indexing your site with a robots.txt file in your DocumentRoot, from memory it'd go something like:
UserAgent: *
Disallow: /
But first I'd want to know exactly which connections are being used up.
Either way I'd expect there to be some kind of error logged. If "MaxClients" is being exceeded then you'll get some webserver error saying it's too busy (and that being noted in the error_log). If it's the BBS software running out of db connections I'd still expect that to log to STDERR which would fall into the error_log.
You can prevent spiders indexing your site with a robots.txt file in your DocumentRoot, from memory it'd go something like:
UserAgent: *
Disallow: /
But first I'd want to know exactly which connections are being used up.
13 April 2005, 11:19 AM
#5
i want the forum to be indexed 
I log in as admin into phpbb, and you can see active connections and what they are doing on the forum. When a bot is indexing the site, they have multi connections from various ips and you can see which are they are in etc...
When it gets to about 50 connections, everyone connection is dropped, and people who are logged in are logged out.
Nothing is being written in the error log to reflect what is happening when this happens.
ideas?
I log in as admin into phpbb, and you can see active connections and what they are doing on the forum. When a bot is indexing the site, they have multi connections from various ips and you can see which are they are in etc...
When it gets to about 50 connections, everyone connection is dropped, and people who are logged in are logged out.
Nothing is being written in the error log to reflect what is happening when this happens.
ideas?
13 April 2005, 12:12 PM
#6
Scooby Regular
I don't get that. HTTP doesn't work that way, it's stateless; you make an HTTP request, the webserver responds, and that's it - there's no more connection after that. There are 'keepalives', but that's at the TCP level rather than HTTP and unrelated.
You shouldn't be seeing 50-odd connections from a spider at once, it only takes one to do it. If it's hammering your server, and it sounds like it is, I'd complain to the owner of the spider. That information should be present in your access_log (if you're logging UserAgent details there), that's the usual place to put spider contact info.
I would write a small program to parse the access logs and see how thick and fast the connections come in at various times of day to determine if that's really the case before I wrote a complaint, it could be the server isn't configured correctly. It's odd to me that the BBS actually logs people out when a certain number of people are browsing though, that would mean setting a cookie to say that person had been logged out, doesn't make sense unless it's an unregistered/trial version?
You shouldn't be seeing 50-odd connections from a spider at once, it only takes one to do it. If it's hammering your server, and it sounds like it is, I'd complain to the owner of the spider. That information should be present in your access_log (if you're logging UserAgent details there), that's the usual place to put spider contact info.
I would write a small program to parse the access logs and see how thick and fast the connections come in at various times of day to determine if that's really the case before I wrote a complaint, it could be the server isn't configured correctly. It's odd to me that the BBS actually logs people out when a certain number of people are browsing though, that would mean setting a cookie to say that person had been logged out, doesn't make sense unless it's an unregistered/trial version?
13 April 2005, 12:24 PM
#7
Basically in phpbb admin, you see waht users are currently on forum.
At the mo I see this :
When it gets to about 50, everyone is disconnected, and the list will be empty and everyone is logged out. Including myself as admin.
If I have the tick box ticked saying remember me, you stay logged in, but you have "relogged back in". So the session table is updated as you just logged back in. So the only reason why you are still logged in with the tick box, as it is relogging you back in.. if you didn't get the tickbox, you are logged out, and need to log back in, as your session/connection to the server has been dropped - get it?
At the mo I see this :
When it gets to about 50, everyone is disconnected, and the list will be empty and everyone is logged out. Including myself as admin.
If I have the tick box ticked saying remember me, you stay logged in, but you have "relogged back in". So the session table is updated as you just logged back in. So the only reason why you are still logged in with the tick box, as it is relogging you back in.. if you didn't get the tickbox, you are logged out, and need to log back in, as your session/connection to the server has been dropped - get it?
Trending Topics
13 April 2005, 12:53 PM
#8
Scooby Regular
Sure, but that's just "pretend" sessions, as in, "anyone that's accessed the site within the last 5 minutes is assumed to still be browsing" rather than there actually being a connection from them to your webserver. Same as the user listing on the front of this BBS, it's just assumed rather than accurate in any way.
The problem is the BBS software rather than Apache or PHP. Phpbb uses cookie based authentication, to log someone out it needs to set another cookie, which means there is some logic there that says "if this many people are active, log them all out". You could confirm that by checking the contents of the cookies, if you have multiple browsers you can use.
Is there not a configuration option to prevent it from logging out users when a certain limit is reached? 50 deemed-simultaneous users is pretty low, and there's no way of preventing "more than X" spiders from examining your site since they are autonomous.
I'd be worried if that many spiders were indexing my site though, it's effectively a distributed denial of service and I'd probably be having words!
The problem is the BBS software rather than Apache or PHP. Phpbb uses cookie based authentication, to log someone out it needs to set another cookie, which means there is some logic there that says "if this many people are active, log them all out". You could confirm that by checking the contents of the cookies, if you have multiple browsers you can use.
Is there not a configuration option to prevent it from logging out users when a certain limit is reached? 50 deemed-simultaneous users is pretty low, and there's no way of preventing "more than X" spiders from examining your site since they are autonomous.
I'd be worried if that many spiders were indexing my site though, it's effectively a distributed denial of service and I'd probably be having words!
13 April 2005, 01:13 PM
#10
Scooby Regular
90 is a lot, too many IMO. It still doesn't make sense from a technical point of view though, because the webserver configuration shouldn't be interfering with the application (phpbb) resetting cookies, unless it does so on an error condition. I'd also switch to Apache 2.0 if you have the option, it's far better than 1.3 on Win32.
Changing ThreadsPerChild could have detrimental effects on server performance, because what you're telling it to do is run that many request cycles per child process. If the server can't handle it, mostly because of memory issues, it could turn dog slow.
But if it's working, then sorted (edit: for now)
Changing ThreadsPerChild could have detrimental effects on server performance, because what you're telling it to do is run that many request cycles per child process. If the server can't handle it, mostly because of memory issues, it could turn dog slow.
But if it's working, then sorted (edit: for now)
13 April 2005, 01:23 PM
#11
yep i know where u r coming from...
it isnt resetting cookies as such - basically the session had been terminated, and this is how phpbb sees which posts u have read etc.
i thought issues with apache 2 and php4? hence me not moving upwards to it.
it isnt resetting cookies as such - basically the session had been terminated, and this is how phpbb sees which posts u have read etc.
i thought issues with apache 2 and php4? hence me not moving upwards to it.
13 April 2005, 01:49 PM
#12
Scooby Regular
Hmm that would mean whenever the thread gets maxed out phpbb loses all its session data, and users require re-authentication. That's a massive design flaw
I think the only reason that PHP isn't up to scratch on Apache 2 isn't because of PHP itself, which is from what I've read very thread safe, but because of the add-on modules for PHP, which aren't. Since Win32 is threaded and you're experiencing problems with 1.3 now, you could always give 2.0 a go.
I think the only reason that PHP isn't up to scratch on Apache 2 isn't because of PHP itself, which is from what I've read very thread safe, but because of the add-on modules for PHP, which aren't. Since Win32 is threaded and you're experiencing problems with 1.3 now, you could always give 2.0 a go.
14 April 2005, 12:06 AM
#14
well updated to apache 2...
didnt change the settings for thread or anything, but same problem as experiecing before I increased thread size.. it is only the jeeves bot that does this, so banned the ip address in the end.
didnt change the settings for thread or anything, but same problem as experiecing before I increased thread size.. it is only the jeeves bot that does this, so banned the ip address in the end.
Last edited by ChristianR; 14 April 2005 at 12:13 AM.
14 April 2005, 08:13 AM
#16
yeah i just updated the apache2 config, putting in the changes I made.
was a bit annoying to get php4 running with apache2, but all sorted now - good old google came to hand
I tried to open just one ip, and it still spawned itself multi times.. unlike msnbot which I see online, which is only using one connection.
was a bit annoying to get php4 running with apache2, but all sorted now - good old google came to hand
I tried to open just one ip, and it still spawned itself multi times.. unlike msnbot which I see online, which is only using one connection.
Thread
Thread Starter
Forum
Replies
Last Post