Hi Due to crappy code by one of my users, PHP entered an infinite loop generating an error, causing very high load on the server and gigantic log files. Unfortunately the fail2ban gets taking 100% CPU too with the log files which increasing more and more. I did set ignore_repeated_errors to On, as well as ignore_repeated_source in php.ini. I checked that the settings is effective in phpinfo() but it doesn't help. Is there anyone can help me to be able to keep the server resources from this kind of crappy code? I am running ISPConfig 3 on CentOS Thanks
Hi Till Thank you for your reply. A log file is being increased as several hundreds megabyte in 10~20 seconds. Also the error won't be stopped by max_execution_time. For example, the zip.db file doesn't exist in the code below, PHP will generate gigantic log files and won't be stopped itself. Just imagine that people open the webpage at the same time.... Please advise. PHP: $fp = fopen("./zip.db", "r"); while(!feof($fp)) { $zipfile[] = fgets($fp, 4096); }
There are severaloptions, if the errors are no fatal errors, then you might change the error_reporting level to include only fatal errors and not e.g. warnings in the log. Another option can be to turn of php error logging and display errors only in the webpage or you define a separate error_log for php in php.ini which is not monitored by fail2ban.
