Need help moving from apache

#1
I am moving from apache but need to keep all of my clients. I got the 14 day trial enterprise for 1cpu server. I seem to be having all kinds of problems...like where to start...LOL can someone provide step by step directions please?
 
#2
Well i got it working.....god i love this...where do i write my testimonial because this is the greatest thing to happen to my hosting company EVER! My hosting company was being targetted by botnet attacks.....3 days of downtime and no source to find out how to stop it..... apache..blah!! I then just got done installing lite speed. ... it seems as soon as i did that everything was up and running faster then i have ever felt with apache! Something cool i think, if the botnet packets do seem to take down my main site, all of myother sites on the network are still up and running faster then lightening? All i have to say is you guys are geniuses i am defiantly paying for this after the 14 day trial is up!
 
#5
This is crazy! My server doesn't even lagg???? Apache sucks LOL sorry to say but they say you get what you pay for. Apache is free (and sucks) Lite Speed is paid (and rocks)
I take that back





[root@server ~]# sh ip
What port do you want to see connections on (ex. 80)
80
1 163.1.124.169
1 192.167.9.228
1 200.31.42.3
1 200.67.31.246
1 201.246.124.31
1 203.160.1.44
1 206.219.100.110
1 218.56.8.72
1 219.168.204.150
1 221.232.159.112
1 41.226.249.172
1 61.57.40.31
1 66.167.100.59
1 66.192.6.131
1 66.249.70.121
1 70.54.68.91
1 70.9.240.125
1 71.170.191.43
1 72.27.24.97
1 74.92.242.25
1 79.181.160.76
1 81.245.5.67
1 81.63.140.37
1 83.138.145.18
1 83.17.125.194
1 90.152.8.69
1 90.196.163.183
2 148.235.92.34
2 200.75.29.59
2 201.249.236.220
2 202.150.223.5
2 210.51.51.24
2 211.31.98.181
2 213.244.200.170
2 217.126.212.162
2 218.196.195.203
2 41.232.112.11
2 60.10.6.170
2 64.128.80.14
2 71.228.136.63
2 83.53.178.118
2 88.109.128.53
3 130.227.200.90
3 207.59.107.175
3 218.62.81.78
3 24.189.207.169
3 72.221.79.163
3 85.136.84.95
4 123.17.216.99
4 68.178.250.61
4 72.46.130.125
4 76.108.158.236
4 86.149.108.107
4 88.228.90.83
5 129.67.29.139
5 159.145.15.101
5 196.217.109.94
5 202.46.116.114
5 203.88.192.104
5 63.247.78.94
5 83.43.102.167
6 189.68.172.153
6 201.243.71.225
6 83.34.157.95
7 205.237.42.117
8 212.71.37.91
8 75.82.219.104
9 0.0.0.0
9 121.55.219.88
9 201.52.157.62
9 24.141.168.161
9 84.235.22.7
9 85.58.28.228
11 89.174.71.4
12 190.157.204.36
12 190.64.0.172
14 88.7.238.186
14 89.2.253.154
15 58.107.245.192
15 71.220.10.72
15 83.57.208.252
17 72.189.99.88
17 88.3.30.46
18 72.27.3.35
18 88.24.154.7
19 122.162.142.100
24 213.243.27.242
26 82.20.47.33
26 86.20.22.44
27 69.212.241.169
28 201.50.45.134
29 62.241.141.242
33 85.101.31.218
36 200.112.46.191
38 88.8.182.26
39 190.13.33.209
40 200.61.18.229
41 77.210.132.173
43 200.127.242.176
50 190.19.11.205
59 76.198.236.158
68 86.68.107.101
72 76.116.14.9
93 82.17.174.56
117 85.89.162.16
127 190.48.230.253
139 88.173.4.32
343 201.255.107.99
349 190.48.236.251
1193 190.48.33.41
-------------



server = down
 
#7
checking now, if i need can someone help me config it better? im loosing alot of my clients because of this....3 days downtime....this is still alot better then apache...how is it sites still load fast when server load is at 79% and how do you guys get it to where only the site getting hit drops and the rest load fast?


thats wierd...its a good web server though..
 

felosi

Well-Known Member
#8
well if the ddos is consuming your pipe then there is nothing litespeed can do. Only way it can really bring it down is from php/mysql usage due to get attacks.

But here is what to do, George showed me these settings the other night but first you need a firewall like CSF Make sure you enable connection tracking on it.

For litespeed put

Static Requests/second 10
Dynamic Requests/second 1
Connection Soft Limit 5
Connection Hard Limit 20
Grace Period (sec) 30
Banned Period (sec) 3000

You still need a firewall but these settings here will help tons.
Also make sure your users are running suphp so php processes dont go crazy. You can limit per user php processes to prevent from using all the resources on the server.

Do this, install the firewall (CSF) set ct_limit to about 60, interval to 30, and permanent ban to 1 And it will help clear it up. Then you can pretty much handle all you can pipe to it

BUT, sometimes the default kernel values for tcp are low and some attacks can hit limits to where the kernel starts dropping packets. If you see any messages about running out of socket memory or dropping packets on dmesg then you need to tune your tcp stack. I will post a tut on that here soon but you can find lots of info on the net about it and its resource sensitve, you can only allocate what you have memory for
 
#9
well if the ddos is consuming your pipe then there is nothing litespeed can do. Only way it can really bring it down is from php/mysql usage due to get attacks.

But here is what to do, George showed me these settings the other night but first you need a firewall like CSF Make sure you enable connection tracking on it.

For litespeed put

Static Requests/second 10
Dynamic Requests/second 1
Connection Soft Limit 5
Connection Hard Limit 20
Grace Period (sec) 30
Banned Period (sec) 3000

You still need a firewall but these settings here will help tons.
Also make sure your users are running suphp so php processes dont go crazy. You can limit per user php processes to prevent from using all the resources on the server.

Do this, install the firewall (CSF) set ct_limit to about 60, interval to 30, and permanent ban to 1 And it will help clear it up. Then you can pretty much handle all you can pipe to it

BUT, sometimes the default kernel values for tcp are low and some attacks can hit limits to where the kernel starts dropping packets. If you see any messages about running out of socket memory or dropping packets on dmesg then you need to tune your tcp stack. I will post a tut on that here soon but you can find lots of info on the net about it and its resource sensitve, you can only allocate what you have memory for
awsome thanks, i will do that as soon as i can get csf to restart.....i had to take someones ip out and as soon as i restart it all the banned ip's have free access then it lags the hell out of the server and takes forever for csf to come back up.
 
#10
edits have been made and the attacks are pretty much just bouncing off the server hahahahaha i can actually watch them bounce off. Server load is staying at 0.07 with over 200 accounts where apache usually stayed at 1.0 - 1.5
 

felosi

Well-Known Member
#11
Now, here is a sysctl file I use on servers with 2 gb ram. I say some of these settings have to be too high so use with caution and dont blame me if something bad happens lol.

BUT I have been using it and dealing with ddos 24/7 with no problems and no dropped packets or sockets running out of memory. So I know some of these are helping. If you ever get a ddos and notice lines in dmesg like conntrack_table full dropping packet, or out of socket memory. Using this will help.
for rhel/centos
www.nix101.com/sysctl.conf
 
Top