从拒绝服务中恢复服务器

从拒绝服务中恢复服务器

我正在查看一台可能配置错误以处理拒绝服务的服务器。攻击后,数据库被关闭,并且在攻击平息后无法重新启动,也无法自行重新启动。

攻击细节:

攻击者在几秒钟内有意或无意地使用应用程序搜索查询 URL 发送了数千个搜索查询。看起来服务器不堪重负,导致数据库记录了此消息:

121118 20:28:55 InnoDB: Initializing buffer pool, size = 512.0M
InnoDB: mmap(549453824 bytes) failed; errno 12

服务器规格:1.5GB 专用内存

这里是否存在我遗漏的明显错误配置?

**mysql.log**
121118 20:28:54 mysqld_safe Number of processes running now: 0
121118 20:28:54 mysqld_safe mysqld restarted
121118 20:28:55 [Warning] option 'slow_query_log': boolean value '/var/log/mysqld.slow.log' wasn't recognized. Set to OFF.
121118 20:28:55 [Note] Plugin 'FEDERATED' is disabled.
121118 20:28:55 InnoDB: The InnoDB memory heap is disabled
121118 20:28:55 InnoDB: Mutexes and rw_locks use GCC atomic builtins
121118 20:28:55 InnoDB: Compressed tables use zlib 1.2.3
121118 20:28:55 InnoDB: Using Linux native AIO
121118 20:28:55 InnoDB: Initializing buffer pool, size = 512.0M
InnoDB: mmap(549453824 bytes) failed; errno 12
121118 20:28:55 InnoDB: Completed initialization of buffer pool
121118 20:28:55 InnoDB: Fatal error: cannot allocate memory for the buffer pool
121118 20:28:55 [ERROR] Plugin 'InnoDB' init function returned error.
121118 20:28:55 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed.
121118 20:28:55 [ERROR] Unknown/unsupported storage engine: InnoDB
121118 20:28:55 [ERROR] Aborting

**ulimit -a**
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 13089
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

**httpd.conf**
StartServers 10
MinSpareServers 8
MaxSpareServers 12
ServerLimit 256
MaxClients 256
MaxRequestsPerChild 4000

**my.cnf**
innodb_buffer_pool_size=512M
# Increase Innodb Thread Concurrency = 2 * [numberofCPUs] + 2
innodb_thread_concurrency=4
# Set Table Cache
table_cache=512
# Set Query Cache_Size
query_cache_size=64M
query_cache_limit=2M
# A sort buffer is used for optimizing sorting
sort_buffer_size=8M
# Log slow queries
slow_query_log=/var/log/mysqld.slow.log
long_query_time=2
#performance_tweak
join_buffer_size=2M

**php.ini**
memory_limit = 128M
post_max_size = 8M

答案1

似乎您应该优化 SQL 查询和/或使用一些 CAPTCHA 保护来防止自动滥用。您还可以设置资源限制 mysqli.max_persistent、mysqli.max_links (PHP) 和/或 MAX_USER_CONNECTIONS、MAX_QUERIES_PER_HOUR、MAX_CONNECTIONS_PER_HOUR (mysql)。

mysql 资源限制

mysql 客户端(php)资源限制

相关内容