Why is litespeed admin panel so slow or even timed out?
 

I have a 2-core litespeed license, mysql is not running on this server.

It just says "Connecting to 'my server ip' in the status bar of the web browser and gives a timed out error. It happens about 50% of the time. My website is also loading very slow, about 5 seconds to load, sometimes up to 20 seconds to load.

The website also communicates with other websites that I own, I often get "can't connect to 'my domain'" errors which is using Perl LWP. I even get timed out errors from IMAP when sending emails via squirrelmail (PHP).

This is a 12 core server so the load should still be fine. But even if the website is loading slow due to high traffic, why is litespeed admin panel loading so slow also?

http://i42.tinypic.com/1556qev.jpg

check console or dmesg and see if full with "nf_conntrack: table full, dropping packet".

I didn't find nf_conntrack, I found ip_conntrack. It was set to 65536 and after setting to 131072 I don't have problem loading that now. Does that mean that before I set it higher, a lot of users were getting timed out and cannot connect?

correct. your conntrack table was full and no more connection can be accepted. a possible dos attack. monitor ip_conntrack_count and make sure it well below the max.

My website loads a lot faster now. It is around 70000 connections average, is this a concern?

Usually it is syn attacks cause the conntrack table full unless you have a very hot site. In your case, it is likely syn attacks since there aren't that many connections go to lsws. enable syncookies (sysctl parameter) to alleviate it.

Do these values look normal or is there SYN attack?

264

62439

the # of http used connections is less than 500 according to your real time stats, you need to find out what are those connections taking up conntrack table.

can you tell me how to find that =/

do 'dmesg' from command line shell (ssh). see if you get message like 'table full, dropping packet' in the tail end of screen output.