Control Web Panel
WebPanel => Problems on other RedHat linux servers => Topic started by: mynexttube on October 04, 2023, 10:01:19 PM
-
Hi,
I have problems but still can't find a solution.
I have only two sites on the server and several times a day they are unavailable (for 1-2 minutes) while the CWP panel is available always and working.
I'm currently on Almalinux 8 with CWP Pro although the same thing happens to me on Centos 8 as well.
I have tried on another two completely new servers and the same thing happens.
Please help how to solve this problem.
Thanks in advance for any help
-
What time is it happening?
Same time every day?
Have you checked the Apache log file for that time frame?
-
There is no specific time, it happens random.
In log of Apache I don't see nothing eve before 20min it happens again and I try just to restart Apache but nothing I restart firewall and mod security but nothing.
After restart of server sites come back.
P.S. I have another site on this server but works on docker and that site not have a problem.
I will continue to investigate from where problem comes and I will try to install php deffender
-
That is odd.
Is this running a public IP, or behind a NAT?
Try to uninstall mod_security for awhile.
If it doesn't crash you narrowed it down.
-
CSF and Mod Security are two primary vectors for interrupts like this; possibly also a PHP or MySQL resource overload. Are you using external site monitoring?
-
Yes is on public IP without NAT.
It looks that problem comes from mod security.
I don't know is it good to leave server without mod security?
-
If you have narrowed it down to mod-security.
Look in it logs to see what is triggering it.
What ModSec Rules Profile are you using?
OWASP old
OWASP latest
Comodo WAF (Which requires CWPpro)
Both OWASP have allot of false triggers (positives) that Comodo doesn't.
-
I use Comodo WAF
Today I install Centos 8 to see if I will have same problem like on Almalinux
-
The base OS shouldn't have an effect.
Mod_Security would be the same on any RHEL 8 based systems.
-
It happens again also without mod security.
In apache error log I found this:
[Sun Oct 08 01:43:07.337737 2023] [mpm_event:error] [pid 199649:tid 139707479040576] AH03490: scoreboard is full, not at MaxRequestWorkers.In$
[Sun Oct 08 01:43:08.338956 2023] [mpm_event:error] [pid 199649:tid 139707479040576] AH03490: scoreboard is full, not at MaxRequestWorkers.In$
[Sun Oct 08 01:43:09.339942 2023] [mpm_event:error] [pid 199649:tid 139707479040576] AH03490: scoreboard is full, not at MaxRequestWorkers.In$
-
Usually a $ at the end means there's more data to show.
Try viewing the log file using CWP's File Manager, and paste what the full lines say.
-
Look like a common issue with this scripts.
Did a quick Google search for 'mpm_event:error
https://forums.cpanel.net/threads/apache-mpm-event-scoreboard-not-full.710585/
Has a suggested fix is the code, as well as checking max server connections config.
Also they say to check your MaxConnectionsPerChild setting.
Setting it to anything other than 0 is only meant to be done on Windows because it leaks memory internally.
Looks like whatever script this is, it's been having problems with Apache going back to at least 2014.