On Mon, Dec 02, 2002 at 12:26:12PM +0100, Mathieu Laurent wrote: > Hi, > > My webserver with apache (+ mod_ssl) failed when I receive a worms attack. > > I see this message in the error log: [error] [client xxx.xxx.xxx.xxx] > client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): / > > The father process of apache was killed. > > I have the last security packages installed on the webserver for apache > & mod_ssl. > > I see the same problem on the mailing list > http://lists.debian.org/debian-security/2002/debian-security-200209/msg00303.html > > but I didn't see no clue for this case. >
I got a pbm like this (but not really...) on three debian boxes (woody) with apache-ssl. it seems to appear after a bad reload during logrotate. it appears: one time in january on a deb box one time in july and one other on september on another deb box one time in october on another deb box thoses are the only ones and I have a lot of apache-ssl/woody servers working (maybe 50) each time I've got the folowing entries in apache logs at logrotate time: accept_mutex_on: Identifier removed [alert] Child 4968 returned a Fatal error... Apache is exiting! then some hours later (~ 5) apache crashes!!! My only fix at this time is done by changing reload in logrotate by a clean stop, sleep, start ... not a good fix, but it's enough and working for me. Unfortunatly, I can't debug more as I can't reproduce this and it doesn't appear very often... -- Easter-eggs Spécialiste GNU/Linux 44-46 rue de l'Ouest - 75014 Paris - France - Métro Gaité Phone: +33 (0) 1 43 35 00 37 - Fax: +33 (0) 1 41 35 00 76 mailto:[EMAIL PROTECTED] - http://www.easter-eggs.com
