What is Apache?

The Apache httpd server

Some common errors and their fixes are given below.

client denied by server configuration

Solution: increase the values of the following entries in httpd.conf
<IfModule mod_dosevasive.c>
DOSHashTableSize 3097
DOSPageCount 40
DOSSiteCount 150
DOSPageInterval 30
DOSSiteInterval 30
DOSBlockingPeriod 900
</IfModule>

mod_dosevasive blocks brute force attacks in Apache.
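
Before raising these limits, it helps to see which clients in the access log would actually cross them. The following is an added example, not part of the original notes or of mod_dosevasive: a simplified sliding-window replay of log lines against the DOSPageCount and DOSSiteCount values above. The function names, the Common Log Format assumption and the sample lines are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Thresholds copied from the <IfModule mod_dosevasive.c> block above.
PAGE_COUNT, PAGE_INTERVAL = 40, 30
SITE_COUNT, SITE_INTERVAL = 150, 30

# Common Log Format (assumed): client, [timestamp], "METHOD path ..."
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)')

def would_trip(lines, page_count=PAGE_COUNT, page_interval=PAGE_INTERVAL,
               site_count=SITE_COUNT, site_interval=SITE_INTERVAL):
    """Map each client that crosses a limit to the first directive it crossed.

    Simplified sliding-window model of the directives, not the module's
    own bookkeeping (assumption).
    """
    page_hits = defaultdict(deque)  # (ip, uri) -> timestamps inside the window
    site_hits = defaultdict(deque)  # ip -> timestamps inside the window
    tripped = {}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # ignore lines that are not in the assumed format
        ip, stamp, uri = m.groups()
        ts = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z").timestamp()
        for key, hits, limit, window, name in (
            ((ip, uri), page_hits, page_count, page_interval, "DOSPageCount"),
            (ip, site_hits, site_count, site_interval, "DOSSiteCount"),
        ):
            q = hits[key]
            q.append(ts)
            while q and ts - q[0] >= window:
                q.popleft()  # forget hits older than the interval
            if len(q) > limit:
                tripped.setdefault(ip, f"{name}: {len(q)} hits in {window}s")
    return tripped

def sample_log():
    """Constructed log lines using documentation-range addresses."""
    fmt = '{} - - [01/Jan/2024:12:00:{:02d} +0000] "GET {} HTTP/1.1" 200 512'
    busy = [fmt.format("198.51.100.7", i // 2, "/login.php") for i in range(45)]
    calm = [fmt.format("203.0.113.9", i * 5, "/index.html") for i in range(10)]
    return busy + calm

if __name__ == "__main__":
    for ip, reason in would_trip(sample_log()).items():
        print(ip, reason)
```

Run it over the real access log with the current values and then with the proposed ones; if a client that still trips the raised limits is a legitimate one, the limits are not the real problem.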
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&

redirect
ScriptAliasMatch ^/cpanel/(.*) /usr/local/cpanel/cgi-sys/redirect.cgi
ScriptAlias /cpanel /usr/local/cpanel/cgi-sys/redirect.cgi
ScriptAlias /whm /usr/local/cpanel/cgi-sys/whmredirect.cgi
ScriptAlias /securewhm /usr/local/cpanel/cgi-sys/swhmredirect.cgi
ScriptAlias /webmail /usr/local/cpanel/cgi-sys/wredirect.cgi
ScriptAliasMatch ^/webmail/(.*) /usr/local/cpanel/cgi-sys/wredirect.cgi
ScriptAliasMatch ^/kpanel/(.*) /usr/local/cpanel/cgi-sys/redirect.cgi
ScriptAlias /controlpanel /usr/local/cpanel/cgi-sys/redirect.cgi
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&

error

Options ExecCGI is off in this directory
solution

Put the following line in the .htaccess file:

Options ExecCGI

2. If the error in the log happens to be "Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden", add Options +FollowSymLinks to your .htaccess file in the affected directory, right before you turn on the rewrite engine, i.e.

Options +FollowSymLinks
<IfModule mod_rewrite.c>
RewriteEngine On
</IfModule>

&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
1. exit signal Segmentation fault (11)

grep exp /etc/httpd/conf/httpd.conf
# the order below without expert advice.
#LoadModule expires_module libexec/mod_expires.so
#AddModule mod_expires.c

After disabling the expire module, we don't have any errors anymore with php
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
site not resolving

Check the NameVirtualHost entry for each IP.
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&

To avoid SYN flooding, set the value of tcp_syncookies to 1:

ll /proc/sys/net/ipv4/tcp_syncookies
-rw-r--r-- 1 root root 0 Oct 17 18:55 /proc/sys/net/ipv4/tcp_syncookies
root@ [~]# cat /proc/sys/net/ipv4/tcp_syncookies
1

&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&

Error in the Apache logs, after which Apache stops:
mod_rewrite: maximum number of internal redirects reached. Assuming configuration error. Use 'RewriteOptions MaxRedirects' to increase the limit if neccessary.

solution

If you cannot find which entry in httpd.conf or the .htaccess file is causing this, it might be better to do the opposite of the suggestion and set RewriteOptions MaxRedirects lower so that it doesn't trash Apache. So before any VirtualHosts in httpd.conf, put in:

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteOptions MaxRedirects=15
</IfModule>

http://forums.cpanel.net/showthread.php?t=34433&highlight=Use+%27RewriteOptions+MaxRedirects%27+to+increase+the+limit+if+neccessary
http://forums.cpanel.net/showthread.php?t=52379&highlight=Use+%27RewriteOptions+MaxRedirects%27+to+increase+the+limit+if+neccessary
Please note that we can increase the value, but sometimes load will increase
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&

DoS attack: block an IP which is causing too many connections to Apache

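#!/usr/bin/perl
use strict;
use warnings;

$| = 1;
my $port = 80;
my $total = 0;
my $IP_LIMIT = 90; # upper limit of httpd connections
my $LOGF = "/tmp/ddos.log"; # file used to log ips
my $EMAIL = 'test@mycutelife.net';
my $DELAY = 60;
my $TIMEF = '/tmp/time_file';
my (%TCP, %UDP); # connection counts per remote ip

# open the log for reading and appending; print defaults to it from here on
open FD, "+>>", $LOGF or die "$!";
select FD;

open( CMD, "netstat -an|" ) or die "$!";

while (<CMD>) {
    chomp;
    # netstat columns: proto, recv-q, send-q, local address, remote address, state
    my ($proto, undef, undef, $local_addr, $remote_addr) = split ' ', $_;
    next unless defined $remote_addr;
    # the port follows the last colon, so IPv6 style addresses also parse
    my ($local_ip, $local_port) = $local_addr =~ /^(.*):([^:]+)$/ or next;
    my ($remote_ip, $remote_port) = $remote_addr =~ /^(.*):([^:]+)$/ or next;
    # exact comparisons: an unescaped "." in a regex matches any character
    next if $remote_ip eq '0.0.0.0' or $remote_ip eq '::';
    next if $remote_ip eq '59.93.43.4'; # our ip
    next if $remote_ip eq '203.197.151.138'; # our ip
    next unless $local_port eq $port;
    if ($proto =~ /tcp/) {
        $TCP{$remote_ip}++;
    } else {
        $UDP{$remote_ip}++;
    }
}
close CMD;

sub check_ip_in_log { # check if the ip is already blocked
    my $ip = $_[0];
    my $found = 0;
    seek( FD, 0, 0 ); # rewind
    while (<FD>) {
        # log lines are "ip:count"; \Q..\E makes the dots in the ip literal
        if ( /^\Q$ip\E:\d+$/ ) { $found = 1; last; }
    }
    seek( FD, 0, 2 ); # back to the end of the log before the next write
    return $found;
}

foreach my $key (sort { $TCP{$a} <=> $TCP{$b} } keys %TCP) {
    if ( $TCP{$key} > $IP_LIMIT ) {
        unless (check_ip_in_log($key)) {
            #system "/sbin/iptables -I INPUT -p tcp --dport 80 -s $key -j DROP";
            # list form: the address is passed as one argument, not through a shell
            system "/usr/local/sbin/apf", "-d", $key;
            print "$key:$TCP{$key}\n";
        } else {
            print STDOUT "Skipping $key\n";
        }
    }
}

system "/etc/init.d/httpd restart";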
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&