Let me know if this helps
Cal
On Fri, Sep 2, 2011 at 8:16 PM, shacker <shacker@birdhouse.org> wrote:
> This is not a database connection question, but a TCP connection problem.
> I've got two different Django sites on the same server (which I admin), each
> with their own similar vhosts and wsgi processes. The server uses
> ConfigServer firewall for automatic detection and firewalling of bad
> behavior.
> On one of the sites, a small amount of clicking around in the admin will
> cause that user's IP to be blocked with a message like:
> DENY 128.33.33.123 * inout 29m 18s lfd - (CT) IP 128.33.33.123 (US/United
> States/[hostname]) found to have 670 connections
>
> (IP / hostname changed). Those 670 open connections can be created by simply
> going to Users in the admin and clicking and saving seven User records in
> sequence. That's it - firewalled. On the other Django site on the same
> server, you can do that all day long with no problem.
>
> I can sidestep the problem by changing the CT_LIMIT value in ConfigServer
> Firewall to a very high value or disabling it, but then I lose the DDOS
> protection it provides. Rather than work around it, I'd like to figure out
> what in the world is causing this one site to generate so many TCP
> connections during normal usage. But not sure where to begin.
>
> Suggestions? Thanks.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/django-users/-/4U0mn30f9tgJ.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
-- On Fri, Sep 2, 2011 at 8:16 PM, shacker <shacker@birdhouse.org> wrote:
> This is not a database connection question, but a TCP connection problem.
> I've got two different Django sites on the same server (which I admin), each
> with their own similar vhosts and wsgi processes. The server uses
> ConfigServer firewall for automatic detection and firewalling of bad
> behavior.
> On one of the sites, a small amount of clicking around in the admin will
> cause that user's IP to be blocked with a message like:
> DENY 128.33.33.123 * inout 29m 18s lfd - (CT) IP 128.33.33.123 (US/United
> States/[hostname]) found to have 670 connections
>
> (IP / hostname changed). Those 670 open connections can be created by simply
> going to Users in the admin and clicking and saving seven User records in
> sequence. That's it - firewalled. On the other Django site on the same
> server, you can do that all day long with no problem.
>
> I can sidestep the problem by changing the CT_LIMIT value in ConfigServer
> Firewall to a very high value or disabling it, but then I lose the DDOS
> protection it provides. Rather than work around it, I'd like to figure out
> what in the world is causing this one site to generate so many TCP
> connections during normal usage. But not sure where to begin.
>
> Suggestions? Thanks.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/django-users/-/4U0mn30f9tgJ.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
No comments:
Post a Comment