I am getting 403 Errors from Apache when I send too many, 12, synchronous HTTP Posts via a desktop app I am building in XCode / Objective-C. The 12 POST requests are just a few kb each and go out instantly one after the other and the Apache Error Log shows...
client denied by server configuration: /the-path/the-file.php
Apache 2.0 PHP 5 and I have this same setup working fine on my local machine. The error is coming from a VPS with my host, which runs very fast and smooth and has plenty of resources. To debug I threw a sleep(1); function (stalls script execution by 1 second) into the php file and that fixed it. This makes me think that I am breaking some limit for too many requests for a single IP in a certain amount of time. I have googled and combed PHP ini and Apache configs, but I cannot find what that directive/setting might be.
I should mention that the although it varies the first 4 or 5 POSTS usually work then it starts returning the 403 error intermittently after that. Just really acting like its bogging down.
Any ideas?
The error tells you everything: Most likely your VPS has flood control on their web server, which kicks in at 4 or 5 quickly-sequential hits. This has nothing to do with PHP itself, but ratherly completely to do with Apache. In other words, your home setup is not the same as the VPS's setup.
Try to off or configure mod_evasive. It is a module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. (Here you can read more about it). Use the command to off mod_evasive:
a2dismod mod-evasive
service apache2 restart
Related
I have setup a local server on a regular desktop (not a server desktop) and have 3-4 client machines accessing the local web application I developed from the server via a WIFI router (server is connected to router via cable. All clients via WIFI).
When two of the clients are connected to the application all is well, but when a third (or more) machine joins in there are periods where each machine does not get any service from the server (the application webpage remains loading until I manually reset Apache on the server via services). At times the server responds when one of the clients refresh their page but most of the time I have to perform a reset of the Apache server.
This occurs roughly once an hour on average (6 hours of continuous usage) as the clients are using the application.
Server is running Windows 7 and Apache v2.4 with PHP v5.4
Server and all client machines are running AVG internet security
Firewall is handled by AVG Internet Security
Is this issue due to the code in my application, desktop not being able to manage requests like a server machine, antivirus or a mix of the three?
If so, how can I set-up the server to reset automatically?
Thanks
UPDATE
It is a application where users write reports on files after reviewing information
-Frequent sql requests for file data
-No images
-Some pages contain multiple sql queries that represent the page content
-Network has no internet connection
-Code does not make requests for external information from the internet
-All client machines run the application on Google Chrome web browser
But it rarely happens but sometimes the amount of connection is restricted by the third-party interface being used by the application. We are unable to figure out the reason unless having more details like what content of your app, and the error code apache or HTTP returning.
This kind of situations is difficult to track, especially on Windows where diagnostic tools aren't as readily available as on other platforms.
I suppose you can try and check the antivirus by either running server and clients with no antivirus at all for some hours, or disabling and re-enabling the antivirus when the hangup occurs.
Apart from that, you would need to pinpoint where the error occurs:
in the connection stage (Windows OS is the problem)
in the response stage (Apache is the problem - try fiddling with the child spawning parameters)
in the management stage (PHP is the problem - you can probably check this by changing the setup from PHP-as-a-module, and PHP-as-CGI-application)
in the response stage (that is, connection to the SQL server). You can check this by setting up some pages that use different combinations of session, database, and output buffering and see whether those pages remain reachable even when the application is hung up.
For an example of the last, if a page such as
<?php print date("H:i:s"); phpinfo(); ?>
remains reachable and correctly refreshes (that's why the date() command) even when the app does not respond, this demonstrates that Windows, Apache and PHP are "innocent", and either the SQL server has issues, or you do not interface with it correctly. It might be for example be the case (though unlikely in this instance) that the resident PHP module is accumulating connections to the SQL server and not releasing them, so that after a while you need to stop Apache (thereby freeing the module) and restart.
If this were the case, even if it's not a "real" fix, you can set up Apache so that all children die and are replaced after a small number of requests (once it was 150, but when leaks all but disappeared, I believe that the default became 0 -- Apache children no longer die. Check it out, I might well misremember).
I have two servers, a test server running Windows 7... and a prod server running Windows Server 2008. (Yeah, it's unfortunate that they're different OS's.)
For months now, they've been running on PHP 5.4.1.4.
I decided to upgrade them to PHP 7. Everything went completely fine with the test box. But of course, it doesn't get much traffic.
On the prod / Windows Server 2008 box, it seems like, web apps would run for a minute or two and then show "500 error". I could refresh and sometimes they'd work again, sometime it'd take a few minutes.
Nothing is/was getting written to the NEW PHP error log (even though IIS's PHP Manager section showed that we were pointed to the correct INI and the correct log file).
The webserver failed request logs simply indicated that FastCGI was failing because of too many 500 errors.
I checked Event Viewer and I would see application crashes that would point to php_soap.dll.
Now, that file is THERE and it's the same size as the one I have over in non-prod.
Still, I thought perhaps it was because my scripts were getting 500 errors for a valid reason. So I investigated one of them. Confirmed that it was an exact match to a working one on the test box. Refreshed it...and it worked fine. Refreshed some more, 500 errors.
So, finally, I went into IIS Manager -> PHP Manager and disabled the SOAP extension.
I then STOPPED seeing the massive number of failed requests and I stopped seeing the 500 errors... for everything except the one script I have that makes SOAP calls.
I tried copying the dll from the test box over to the prod box. Enabled the extension again in PHP. The issue returned. So, I've pointed us back to the 5.4.1.4 config for now.
Any ideas on how I might figure out why this dll is causing issues and/or how to fix it?
Thanks!
-= Dave =-
I know this is old now but I had a similar problem and it turns out that the cached WDSL files are not binary compatible between versions of PHP.
By default in php.ini the SOAP module has caching enabled. In order to avoid a crash you'll either need to clear the current WDSL cache or change the cache location for the new PHP install.
Hope that helps...
I think I figured out a fix. I'm not sure why I'm only having to do this on the prod server, though: The directories that my scripts that make SOAP calls are in were set to allow both Anonymous Authentication and Windows Authentication. When I was manually testing things in my browser, it would accept me and run the script as Anonymous.
I suddenly realized a theory: my erroring script was being called by remote desktop gadgets...so it was probably defaulting too to executing anonymously. But I have another script with SOAP in it that's run by Scheduled Task (as a specific user). I had NOT seen that erroring!
So, I turned off Anonymous Authentication on the directory I was testing and reran my script from my browser. Sure, I had to log in, but it then worked! I checked my version of the Desktop Gadget that calls a SOAP script in that same directory...and it was now working too!
I think the key reason why I did not see this on the test machine is that we really don't have any Desktop Gadgets pointed to those proxy SOAP scripts over there. That, plus I had THOUGHT that my script that runs by Scheduled Task was failing on the prod machine, as I know I saw it throw 500 errors within the first few minutes after I activated PHP7 the first time....and that same Scheduled Task/script DOES run over on the test box.
Thanks!
I have a working PHP website at a client where I work which runs on IIS. As we are switching to MsSQL, I need to enable the php_pdo_sqlsrv_53_nts.dll. However once I'm enabling the extension, I start to receive a 500 error. My guess is that I need to restart the webserver but for certain reasons at this time we would like to avoid it.
Can you please tell me whether a restart of the web server is necessary on IIS to enable correctly a php dll?
A restart is required even if you work on your localhost !
yes - see Microsoft.com
Mind you, restarting any of my webserver takes only a few seconds so I'm not sure if that's a big issue for your client. Does he have more than one server with a load balancer or something? In that case you can do them one by one or something? Or maybe there's another smart idea of temporarily rerouting traffic elsewhere through changing the DNS?
Contrary to popular opinion, I'm going to say No, and here's why:
Since you are using IIS, you could try recycling the App Pool, if the restart is not necessarily urgent.
It might take a little while to cycle, but "recycle" uses an overlapping method, keeping the old process up until its active requests are finished while a new process handles any newly generated requests. This continues until all existing processes are finished, then the old pool gracefully exits. This will ensure that service is not disrupted for the end users. On the down side, if you have users that sit on the site for long periods of time, it may take a while before your PHP extension becomes available.
I've had success with this method in the past, was able to install PHP extensions without restarting IIS outright.
To Recycle in IIS 7:
Open Internet Information Services (IIS) Manager
Navigate to SERVERNAME > Application Pools
Select the pool you wish to recycle (the one attached to the site where you need the extension)
In the Action pane, click "Recycle..."
I seem to be having issues with running wkhtmltopdf through a proc_open() on Ubuntu Server 12.04 with PHP 5.3.10.
What seems to happen (on several servers) when running solely with Apache is that the process is opened successfully, the data is written to and the PDF comes out of the other end of the process.
However, when running the same code through a setup with Nginx as a proxy and Apache as the upstream server, the fwrite() to stdin seems to hang/become unresponsive with anything more than approximately 1200 bytes.
The static binary version 0.10.0-rc2 seems to be working fine on its own, and can render any page it can access, so I'm not sure what's causing the issue here.
Edit: It doesn't seem to be Nginx, as I've put that in front of Apache on an AWS box and it still works.
You need to run "tail -f " and run the PHP script. You will hopefully see the error message appearing and that will guide you in the right direction.
This was the result of the Nginx server not having a specific hosts entry for the domain name it was using in the request. The request entered a loop, continually hitting the external address and redirecting to it, rather than resolving locally.
On my laptop I have an app that makes 7 AJAX GET requests to a single PHP script at about the same time (millisecond difference). They all return successfully with the result I want.
Then I moved this script to a server (Windows Server) running Apache and PHP. However, this process hangs when I make the same 7 AJAX requests. However, if I make each request individually then they all come back successful! Something doesn't want me to do all 7.
Why is this happening? What configuration variables in the PHP.ini and httpd.conf can I look for to determine what this is?
Thanks
I think the problem might be on the browser-side.
Most browsers have a 2 concurrent connections limit when talking to the same server.
When you moved your application to the server, the extra latency might have overlapped your AJAX requests, which on localhost were being served in quick succession.
You may want to check out these related articles:
The Dreaded 2 Connection Limit
The Two HTTP Connection Limit Issue
Circumventing browser connection limits for fun and profit
The server may have a throttler in place to keep excessive requests from coming in too quickly.
Maybe your Apache configuration limits the number of concurrent connections from the same IP, or even Windows. What version of Windows is it? What kind of Apache installation, Standalone or as a part of XAMPP?