Hi, On Mon, Sep 24, 2018 at 05:52:28PM +0200, Martin LEUSCH wrote: > Hi, > > I have a web server with Apache 2.4 running in worker mode and multiple php > version with FPM service running in dynamic mode. > > Sometimes php-fpm stop responding and I got a 503 error on php request but > apache still respond to http request to other files (css, js, jpeg, ...) > then after a while apache stop respond (nothing logged on error log neither > in access log). I have to restart apache and php-fpm services to unlock the > server.
Did you check php-fpm log as well? It's /var/log/php7.0-fpm.log in php-fpm package in stretch. > Off course it's append while I have malicious activity on the server, the > last time it's happen I found a SQL injection attempt that causing lot of > php error (maybe an infinite loop). I would consider what can be done to protect against these attacks in the code. This could be the root cause of the issue. > How can I avoid these kind of situation? Can I optimize actual settings? > Should I use mpm_event with apache and/or ondemand process manager with > PHP-FPM? > > > mpm_worker config: > > StartServers 2 > MinSpareThreads 25 > MaxSpareThreads 75 > ThreadLimit 64 > ThreadsPerChild 25 > MaxRequestWorkers 150 > MaxConnectionsPerChild 0 > > > php-fpm pool config: > > pm = dynamic > pm.max_children = 5 This could be a problem if you are getting spammed. Try increasing to see if it slows down the appearence of timeouts, but see above regarding code. > pm.start_servers = 2 > pm.min_spare_servers = 1 > pm.max_spare_servers = 3 > > > Thanks, > > Martin > -- Nazar
