I have recently upgraded to Fedora 12. I am running ISPConfig 2 and OpenX 2.8.4. At apparently random times both CPUs usage spikes to 100% and will not come down without a restart. There is no obvious process running. What could it be?
Could be a maintenance routine in OpenX. I have disabled them and it seems that I am not having the problem. We shall see.
Any errors in your logs? Do you have munin installed? That could help you track down what the problem is.
I am not even sure what log to view. I get an encoding error when trying to view some of the logs in /var/log. Should I look elsewhere? No, I do not have munin installed.
I have read that Pulseaudio might be an issue. Your thoughts on that? Please pardon my lack of knowledge about this server. Sometimes I question why I even set it up, lol
I'm afraid I can't say anything about Pulseaudio... You can try to view the logs with cat, vi, or tail. See Code: man cat man vi man tail
I need your guideance. I cannot seem to find which log might display this error. The CPU issue seems to only happen when I am asleep. Anyway, I know that I should not be driving this system as I am unqualified. LOL I am learning more and more though. I had the error last night, what log might tell me what happened?
I am not finding any hints in these logs. I have turned off the email reports in OpenX. We are thinking that there may be a relationship to the reports generation in OpenX and the CPU issue. More to come...
Apparently, this issue stems from the automatic reports that are generated and emailed by OpenX. I have disabled all of the auto-reporting and have not had a reoccurance of this problem.
Okay, that was not it. I am perplexed! I need help on what log to read. The error occured at 9:06 local time last night. Where can I look for this? ispconfig does not have a log that I can find either.
This appears to be Denial of Service (DoS) or Brute-Force attacks on the server. Any idea how I can block them? I need only allow access from a few IP addresses.
If you know the IPs where the attacks are coming from, you can block them as follows: http://www.howtoforge.com/forums/showpost.php?p=38142&postcount=4
They are never the same (as far as I can tell) but are all in China. Is there a similar way that I can allow only the IP addresses that I want to grant access?
If they're attacking your web server, you could block requests from China with mod_geoip: http://www.howtoforge.com/installing-mod_geoip-for-apache2-on-fedora9
I have located the offending IP addresses and the attacks have stopped. Thank you for helping me figure this out.
