Ok, so turn down the request time out via the XML file, and turn off/restrict debugging.
Debugging was NOT meant to be released into a production environment, therefore, creating a "Dos" attack with a noticeably unscalable feature counts as "turn it off" Jesse Noller [EMAIL PROTECTED] Macromedia Server Development Unix/Linux "special guy" > -----Original Message----- > From: Andrew Whalley [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, August 20, 2002 7:43 PM > To: CF-Linux > Subject: RE: DoS attack circumvention > > Hello! > > >The customer refers to a cfserver.log logfile which doesn't exist. > > it doesn't?: > > andy@cornholio:/usr/local/coldfusionmx/logs$ ls > application.log cfserver.log exception.log server.log > > >>I do see the stack traces he refers to in > \cfusionmx\runtime\logs\default-event.log (JRun log file). When holding > down F5, it grows at >>a rate of 300 kilobytes per minute. > >>I don't view this as a DoS attack for three reasons: > > it was not the file growth I was refering to with respect to the DOS > > >>3) I can't get the server to actually crash. > > It does on my setup - ok, it does not crash as in segfault, but the CF > server does not server pages > > >>I did notice, with debugging on (as the customer appears to have), > that it does take a lot longer for the server to recover after you > >>nail it with so many concurrent requests. > > very true, however i have found a point, which is usually under 10 > seconds worth of holding down F5, where the server does not recover > > >My recommendation to the customer would be to a) limit debugging by IP > Address in the CF Admin b) tune the JRun throttle so that > >threads stuck in the queue for a while get timed-out earlier. This is > modified in jrun.xml: <attribute name="threadWaitTimeout">300 > ></attribute>. The default value of 300 seconds could be limited to 20 > seconds or less. > > excellent, thanks, I will try that. I presume there is no nice web GUI > for doing jrun admin on a CFMX install, if so is there a list of > tweakable options? > > thank you very much for all your help in this matter, much appreciated > > all the best > > andy > ______________________________________________________________________ Get the mailserver that powers this list at http://www.coolfusion.com ------------------------------------------------------------------------------ Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
