hi, we are from some weeks struggling with some Polish hackers that are bringing our server down. After updating apache to latest version (2.4.23) and tomcat (8.0.38) available for debian systems we still cannot secure our server.
Today it has stopped to respond again and we needed to restart tomcat process to get it back alive. There is no too much clues in the logs. The apache error.log gives just this line: [Fri Nov 25 13:08:00.647835 2016] [mpm_event:error] [pid 13385:tid 1397934896385 92] AH00484: server reached MaxRequestWorkers setting, consider raising the MaxR equestWorkers setting seems that somehow tomcat, mod-jk2 or even apache is vulnerable to some new exploit, as we certainly does not have such traffic that would block our server otherwise for now we have increased MaxRequestWorkers and we have limited number of connections from one client to 5 by mod_bw and limited number of simultaneous connections from one ip by iptables but does not know if this will help best regards, artur
