GEEKS
-
-
Providers
Recommended Shared Hosting Providers
Browse allRecommended Dedicated Hosting Providers
Browse allRecommended VPS Hosting Providers
Browse allRecommended Reseller Hosting Providers
Browse allRecommended Cloud Hosting Providers
Browse allRecommended Wordpress Hosting Providers
Browse all - Reviews
- Guides
- Tools
- Blog
- contact us
-
Providers
- login / Register Submit review
Tag: System Performance
NGINX DDos Attack Tutorial – Implement Basic Protection
DDoS attacks are usually intended to paralyze websites and web services and it is better to mitigate it at the firewall level. But for the web server that runs on Nginx, I have prepared a basic step to provide DDoS protection which proved to work for small-scale DDoS attacks and DDoS attacks that aimed at applications. This DDos Attack Tutorial protection for Nginx guidelines has been tested on CentOS 6, CentOS 7, RHEL 7 and Oracle Linux 7. This steps may work on your environment but please note that this guidelines is not an official document and official recommendation from Nginx website.
DDos Attack Tutorial – Implement Basic Protection for Nginx :
1. In /etc/nginx/nginx.conf, include the following parameters :
client_body_buffer_size 128k;
large_client_header_buffers 4 256k;
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=50r/s;
server {
limit_conn conn_limit_per_ip 10;
limit_req zone=req_limit_per_ip burst=10 nodelay;
}
2. Then restart or reload your Nginx service to apply DDoS protection for Nginx :
# /etc/init.d/nginx restart
or
# /etc/init.d/nginx reload
Explanation :
a) Limit the number of connections per single IP :
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
b) Limit the number of requests for a given session :
limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=50r/s;
C) Zone which we want to limit by upper values, we want limit whole server :
server {
limit_conn conn_limit_per_ip 10;
limit_req zone=req_limit_per_ip burst=10 nodelay;
}
If your WordPress is under DDoS attack, you will get the following log into Nginx files domain.access.log :
1.2.3.4 - - [25/Mar/2015:16:52:38 +0800] "POST /wp-login.php HTTP/1.0" 200 6203 "-" "-" 1.2.3.4 - - [25/Mar/2015:16:52:39 +0800] "POST /wp-login.php HTTP/1.0" 200 6203 "-" "-" 1.2.3.4 - - [25/Mar/2015:16:52:39 +0800] "POST /wp-login.php HTTP/1.0" 200 6203 "-" "-" 1.2.3.4 - - [25/Mar/2015:16:52:40 +0800] "POST /wp-login.php HTTP/1.0" 200 6203 "-" "-" 1.2.3.4 - - [25/Mar/2015:16:52:40 +0800] "POST /wp-login.php HTTP/1.0" 200 6203 "-" "-" 1.2.3.4 - - [25/Mar/2015:16:52:41 +0800] "POST /wp-login.php HTTP/1.0" 200 6203 "-" "-" 1.2.3.4 - - [25/Mar/2015:16:52:41 +0800] "POST /wp-login.php HTTP/1.0" 200 6203 "-" "-" 1.2.3.4 - - [25/Mar/2015:16:52:42 +0800] "POST /wp-login.php HTTP/1.0" 200 6203 "-" "-" 1.2.3.4 - - [25/Mar/2015:16:52:42 +0800] "POST /wp-login.php HTTP/1.0" 200 6203 "-" "-" 1.2.3.4 - - [25/Mar/2015:16:52:43 +0800] "POST /wp-login.php HTTP/1.0" 200 6203 "-" "-" 1.2.3.4 - - [25/Mar/2015:16:52:43 +0800] "POST /wp-login.php HTTP/1.0" 200 6203 "-" "-" 1.2.3.4 - - [25/Mar/2015:16:52:44 +0800] "POST /wp-login.php HTTP/1.0" 200 6203 "-" "-" 1.2.3.4 - - [25/Mar/2015:16:52:44 +0800] "POST /wp-login.php HTTP/1.0" 200 6203 "-" "-" 1.2.3.4 - - [25/Mar/2015:16:52:45 +0800] "POST /wp-login.php HTTP/1.0" 200 6203 "-" "-" 1.2.3.4 - - [25/Mar/2015:16:52:45 +0800] "POST /wp-login.php HTTP/1.0" 200 6203 "-" "-"
Here is an example of the results after you perform basic DDoS protection for Nginx :
2015/03/28 11:44:33 [error] 22370#0: *71492 limiting connections by zone "conn_limit_per_ip", client: 1.2.3.4, server: www.ehowstuff.com, request: "GET /wp-login.php HTTP/1.0", host: "www.ehowstuff.com" 2015/03/28 11:44:33 [error] 22370#0: *71493 limiting connections by zone "conn_limit_per_ip", client: 1.2.3.4, server: www.ehowstuff.com, request: "GET /wp-login.php HTTP/1.0", host: "www.ehowstuff.com" 2015/03/28 11:44:33 [error] 22370#0: *71494 limiting connections by zone "conn_limit_per_ip", client: 1.2.3.4, server: www.ehowstuff.com, request: "GET /wp-login.php HTTP/1.0", host: "www.ehowstuff.com" 2015/03/28 11:44:33 [error] 22370#0: *71498 limiting connections by zone "conn_limit_per_ip", client: 1.2.3.4, server: www.ehowstuff.com, request: "GET /wp-login.php HTTP/1.0", host: "www.ehowstuff.com" 2015/03/28 11:44:33 [error] 22370#0: *71502 limiting connections by zone "conn_limit_per_ip", client: 1.2.3.4, server: www.ehowstuff.com, request: "GET /wp-login.php HTTP/1.0", host: "www.ehowstuff.com" 2015/03/28 11:44:33 [error] 22370#0: *71506 limiting connections by zone "conn_limit_per_ip", client: 1.2.3.4, server: www.ehowstuff.com, request: "GET /wp-login.php HTTP/1.0", host: "www.ehowstuff.com"
Hope this DDos Attack Tutorial to Implement Basic Protection on NGINX help!!
How to Install sysstat on CentOS 5.7 Linux Server
In this post i will show how to install sysstat on Linux CentOS 5.7 server. Sysstat package is on of the method to monitor the linux server. sysstat package contains the sar, iostat and mpstat which are the system performance tools for Linux operating system. The sar command collects and reports system activity information. The iostat command reports CPU utilization and I/O statistics for disks. The mpstat command reports global and per-processor statistics. The statistics reported by sar concern I/O transfer rates, paging activity, process-related activities, interrupts, network activity, memory and swap space utilization, CPU utilization, kernel activities and TTY statistics. All these tools can be schedule via cron to collect and historize performance and activity data. These are the list of sysstat’s available packages :
a) iostat(1) reports CPU statistics and input/output statistics for devices, partitions and network filesystems.
b) mpstat(1) reports individual or combined processor related statistics.
c) pidstat(1) reports statistics for Linux tasks (processes) : I/O, CPU, memory, etc.
d) sar(1) collects, reports and saves system activity information (CPU, memory, disks, interrupts, network interfaces, TTY, kernel tables,etc.)
e) sadc(8) is the system activity data collector, used as a backend for sar.
f) sa1(8) collects and stores binary data in the system activity daily data file. It is a front end to sadc designed to be run from cron.
g) sa2(8) writes a summarized daily activity report. It is a front end to sar designed to be run from cron.
h) sadf(1) displays data collected by sar in multiple formats (CSV, XML, etc.) This is useful to load performance data into a database, or import them in a spreadsheet to make graphs.
i) nfsiostat(1) reports input/output statistics for network filesystems (NFS).
j) cifsiostat(1) reports CIFS statistics.
To install sysstat, simply run the following command :
[root@CentOS57 ~]# yum install sysstat -y Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirror.oscc.org.my * extras: mirror.oscc.org.my * rpmforge: fr2.rpmfind.net * updates: mirror.oscc.org.my Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package sysstat.i386 0:7.0.2-11.el5 set to be updated --> Finished Dependency Resolution Dependencies Resolved ==================================================================================================== Package Arch Version Repository Size ==================================================================================================== Installing: sysstat i386 7.0.2-11.el5 base 182 k Transaction Summary ==================================================================================================== Install 1 Package(s) Upgrade 0 Package(s) Total download size: 182 k Downloading Packages: sysstat-7.0.2-11.el5.i386.rpm | 182 kB 00:00 Running rpm_check_debug Running Transaction Test Finished Transaction Test Transaction Test Succeeded Running Transaction Installing : sysstat 1/1 Installed: sysstat.i386 0:7.0.2-11.el5 Complete!
To check the installed sysstat’s package using rpm command :
[root@CentOS57 ~]# rpm -qa sysstat sysstat-7.0.2-11.el5
To see sysstat manual simply run any of the sisgle package command. As an example sa1 :
[root@CentOS57 ~]# man sa1
SA1(8) Linux Userâs Manual SA1(8)
NAME
sa1 - Collect and store binary data in the system activity daily data file.
SYNOPSIS
/usr/lib/sa/sa1 [ interval count ]
DESCRIPTION
The sa1 command is a shell procedure variant of the sadc command and handles all of
the flags and parameters of that command. The sa1 command collects and store binary
data in the /var/log/sa/sadd file, where the dd parameter indicates the current
day. The interval and count parameters specify that the record should be written
count times at interval seconds. If you do not specify these parameters, a single
record is written.
The sa1 command is designed to be started automatically by the cron command.
EXAMPLES
To create a daily record of sar activities, place the following entry in your root
or adm crontab file:
0 8-18 * * 1-5 /usr/lib/sa/sa1 1200 3 &
FILES
/var/log/sa/sadd
Indicate the daily data file, where the dd parameter is a number represent-
ing the day of the month.
AUTHOR
Sebastien Godard (sysstat wanadoo.fr)
SEE ALSO
sar(1), sadc(8), sa2(8), sadf(1), mpstat(1), iostat(1), vmstat(8)
http://perso.orange.fr/sebastien.godard/
Linux JUNE 2006 SA1(8)
How to Check Memory and I/O with vmstat on Linux CentOS 5/CentOS 6/RHEL 5/RHEL 6 server – System Performance
vmstat command is a utility that will provides interesting information abaout processes, memory, i/O and CPU activity. When you run vmstat utility command without any arguments, you will see the output as below. This post will guide you on how to check memory and I/O with vmstat on Linux CentOS 5/CentOS 6/RHEL 5/RHEL 6 server to optimize the linux system performance.
[root@rhel6 ~]# vmstat procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu----- r b swpd free buff cache si so bi bo in cs us sy id wa st 0 0 0 888252 28976 63004 5 0 0 11 15 18 0 0 99 0 0
Below are the description of above vmstat output :
1. The procs fields show the number of processes
– Waiting for run time (r)
-Blocked (b)
-Swapped out (w)
2. The memory fields show the kilobytes of swap memory,free memory, buffered memory and Cached memory
3. The swap fields show the kilobytes per second of memory
-Swapped in from disk (si)
-Swapped out to disk (so)
4. The io fields show the number of blocks per second
-Sent to block devices (bi)
-Received from block devices (bo)
5. The system shows the number of
-Interrupts per second (in)
-Context switches per second (cs)
6. The cpu field shows the percentage of total CPU time as
-User time (us)
-System time (sy)
-Idle (id) time
To prints the vmstat version, run this command :
[root@rhel6 ~]# vmstat -V procps version 3.2.8
We can let the vmstat to run automatically by execute this command :
[root@rhel6 ~]# vmstat
Where nsec is the number of seconds you want it to wait before another update.
To run vmstat on every 10 seconds :
[root@rhel6 ~]# vmstat 10 procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu----- r b swpd free buff cache si so bi bo in cs us sy id wa st 0 0 0 888072 29088 63004 4 0 0 11 14 18 0 0 99 0 0 0 0 0 888064 29088 63004 0 0 0 0 12 15 0 0 100 0 0 0 0 0 888064 29088 63004 0 0 0 0 13 16 0 0 100 0 0
Other vmstat usage as below :
usage: vmstat [-V] [-n] [delay [count]]
-V prints version.
-n causes the headers not to be reprinted regularly.
-a print inactive/active page stats.
-d prints disk statistics
-D prints disk table
-p prints disk partition statistics
-s prints vm table
-m prints slabinfo
-t add timestamp to output
-S unit size
delay is the delay between updates in seconds.
unit size k:1000 K:1024 m:1000000 M:1048576 (default is K)
count is the number of updates.
How to Track System Activity With top Command on Linux CentOS 5/CentOS 6/RHEL 5/ RHEL 6 server – System Performance
Top command is utility to monitor system activity interactively. When you run top from shell window, it will display all the activity processes and updates the screen. In this post i will show the usage of top command on CentOS 5/CentOS 6/RHEL 5/ RHEL 6 server to keep track system activity and to optimize the system performance.
Display top command on RHEL 6 :
[root@rhel6 ~]# top
top - 18:54:19 up 13:29, 2 users, load average: 0.00, 0.00, 0.00
Tasks: 93 total, 1 running, 90 sleeping, 2 stopped, 0 zombie
Cpu(s): 0.0%us, 0.0%sy, 0.0%ni,100.0%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
Mem: 1031320k total, 225804k used, 805516k free, 31120k buffers
Swap: 2064376k total, 0k used, 2064376k free, 116716k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1375 root 20 0 97768 9796 5768 S 0.3 0.9 0:03.43 httpd
3974 root 20 0 2632 1076 868 R 0.3 0.1 0:00.08 top
1 root 20 0 2828 1392 1196 S 0.0 0.1 0:01.81 init
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
3 root RT 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
4 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/0
5 root RT 0 0 0 0 S 0.0 0.0 0:00.00 watchdog/0
6 root 20 0 0 0 0 S 0.0 0.0 0:00.25 events/0
7 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cpuset
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khelper
9 root 20 0 0 0 0 S 0.0 0.0 0:00.00 netns
10 root 20 0 0 0 0 S 0.0 0.0 0:00.00 async/mgr
11 root 20 0 0 0 0 S 0.0 0.0 0:00.00 pm
12 root 20 0 0 0 0 S 0.0 0.0 0:00.00 sync_supers
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 bdi-default
14 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kintegrityd/0
15 root 20 0 0 0 0 S 0.0 0.0 0:00.02 kblockd/0
16 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpid
17 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpi_notify
18 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kacpi_hotplug
19 root 20 0 0 0 0 S 0.0 0.0 0:00.01 ata/0
20 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ata_aux
21 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ksuspend_usbd
22 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khubd
23 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kseriod
25 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khungtaskd
26 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kswapd0
27 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
28 root 20 0 0 0 0 S 0.0 0.0 0:00.00 aio/0
29 root 20 0 0 0 0 S 0.0 0.0 0:00.00 crypto/0
34 root 20 0 0 0 0 S 0.0 0.0 0:00.00 pciehpd
36 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
37 root 20 0 0 0 0 S 0.0 0.0 0:00.00 usbhid_resumer
67 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kstriped
267 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_0
268 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_1
279 root 20 0 0 0 0 S 0.0 0.0 0:00.20 mpt_poll_0
Display top command on CentOS 5.7 :
[root@CentOS57 ~]# top
top - 18:57:39 up 10:04, 2 users, load average: 0.00, 0.00, 0.00
Tasks: 73 total, 1 running, 70 sleeping, 2 stopped, 0 zombie
Cpu(s): 0.0%us, 0.1%sy, 0.0%ni, 99.8%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st
Mem: 1034700k total, 86916k used, 947784k free, 7292k buffers
Swap: 2096472k total, 0k used, 2096472k free, 36104k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1 root 15 0 2160 676 584 S 0.0 0.1 0:00.93 init
2 root RT -5 0 0 0 S 0.0 0.0 0:00.00 migration/0
3 root 34 19 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/0
4 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 events/0
5 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 khelper
6 root 20 -5 0 0 0 S 0.0 0.0 0:00.00 kthread
9 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 kblockd/0
10 root 20 -5 0 0 0 S 0.0 0.0 0:00.00 kacpid
173 root 17 -5 0 0 0 S 0.0 0.0 0:00.00 cqueue/0
176 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 khubd
178 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 kseriod
244 root 21 0 0 0 0 S 0.0 0.0 0:00.00 khungtaskd
245 root 22 0 0 0 0 S 0.0 0.0 0:00.00 pdflush
246 root 15 0 0 0 0 S 0.0 0.0 0:00.01 pdflush
247 root 17 -5 0 0 0 S 0.0 0.0 0:00.00 kswapd0
248 root 17 -5 0 0 0 S 0.0 0.0 0:00.00 aio/0
466 root 11 -5 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
492 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 mpt_poll_0
493 root 19 -5 0 0 0 S 0.0 0.0 0:00.00 mpt/0
494 root 19 -5 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_0
497 root 19 -5 0 0 0 S 0.0 0.0 0:00.00 ata/0
498 root 19 -5 0 0 0 S 0.0 0.0 0:00.00 ata_aux
505 root 20 -5 0 0 0 S 0.0 0.0 0:00.00 kstriped
514 root 10 -5 0 0 0 S 0.0 0.0 0:00.17 kjournald
544 root 11 -5 0 0 0 S 0.0 0.0 0:00.00 kauditd
577 root 21 -4 3004 1468 504 S 0.0 0.1 0:00.62 udevd
1730 root 20 -5 0 0 0 S 0.0 0.0 0:00.00 kmpathd/0
1731 root 20 -5 0 0 0 S 0.0 0.0 0:00.00 kmpath_handlerd
1790 root 11 -5 0 0 0 S 0.0 0.0 0:00.00 kjournald
1868 root 13 -5 0 0 0 S 0.0 0.0 0:00.00 iscsi_eh
1896 root 18 -5 0 0 0 S 0.0 0.0 0:00.00 cnic_wq
1911 root 15 -5 0 0 0 S 0.0 0.0 0:00.00 ib_addr
1918 root 20 -5 0 0 0 S 0.0 0.0 0:00.00 ib_mcast
1919 root 20 -5 0 0 0 S 0.0 0.0 0:00.00 ib_inform
1920 root 20 -5 0 0 0 S 0.0 0.0 0:00.00 local_sa
1923 root 20 -5 0 0 0 S 0.0 0.0 0:00.00 iw_cm_wq
By default, top will update its screen in every seconds. You can change this interval by using d seconds options as below :
To update the screen every 5 seconds, run the “top d 5” command :
[root@rhel6 ~]# top d 5 top - 18:56:51 up 13:32, 2 users, load average: 0.00, 0.00, 0.00 Tasks: 94 total, 1 running, 90 sleeping, 3 stopped, 0 zombie Cpu(s): 0.0%us, 0.1%sy, 0.0%ni, 99.7%id, 0.2%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 1031320k total, 226064k used, 805256k free, 31136k buffers Swap: 2064376k total, 0k used, 2064376k free, 116716k cached
To update the screen every 10 seconds, run the “top d 10” command :
[root@rhel6 ~]# top d 10 top - 18:57:21 up 13:32, 2 users, load average: 0.00, 0.00, 0.00 Tasks: 95 total, 1 running, 90 sleeping, 4 stopped, 0 zombie Cpu(s): 0.0%us, 0.1%sy, 0.0%ni, 99.7%id, 0.2%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 1031320k total, 226448k used, 804872k free, 31144k buffers Swap: 2064376k total, 0k used, 2064376k free, 116716k cached
The screen updates every 5 to 20 seconds interval is more usefull tha the default setting, 1 second. This because update every 1 second will lists itself in its own output as the main resource consumer. If you press the h key while top is running, you will see the following output screen :
