Announcement

Collapse
No announcement yet.

Router flooded with IP connections on port 80

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Router flooded with IP connections on port 80

    I run a small website from home on a raspberry pi, which sits behind my router (running DD-WRT). Port forwarding is enabled on port 80 for web traffic.

    Today my internet connection is really slow. I tried a couple of things and noticed that the number of active IP connections is pretty much maxed out (max is 4096 and the number of connections hovers around 4090).

    A look at the active IP connection table shows that almost all of these are incoming connections on port 80.

    Don't get me wrong, I'd love loads of traffic to my website, but there's no way it's attracting that much attention!

    If I reset the router then within 1-2 mins the number of connections is maxed out again.

    What's happening? I don't remember the number of connections ever being this high before.

    Feathers
    samhobbs.co.uk
    Tags: connection, dd-wrt, overload, port 80, router
    • Top
    • Bottom
    #2
    P.S. I'm not currently using any file sharing /torrent programs.
    samhobbs.co.uk
    • Top
    • Bottom

    Comment

      #3
      Think I figured out what I did...

      My enthusiastic tinkering in Apache2's settings had led me to change a setting in the file /etc/apache2/mods-enabled/proxy.conf

      I uncommented "ProxyRequests On" without restricting its usage.

      The config file even warns people not to do exactly what I did:

      # If you want to use apache2 as a forward proxy, uncomment the
      # 'ProxyRequests On' line and the <Proxy *> block below.
      # WARNING: Be careful to restrict access inside the <Proxy *> block.
      # Open proxy servers are dangerous both to your network and to the
      # Internet at large.
      #
      # If you only want to use apache2 as a reverse proxy/gateway in
      # front of some web application server, you DON'T need
      # 'ProxyRequests On'.
      hat please.

      Oh well, at least I figured it out! I changed the setting a few days ago but haven't had any bad behaviour until now. Someone must have recently clocked that it was an open proxy and loads of people (/ a nasty program) started using it. Glad I noticed!

      I'll RTFM properly next time.

      Feathers
      Last edited by Snowhog; Oct 07, 2013, 08:35 PM. Reason: Your request is my command!
      samhobbs.co.uk
      • Top
      • Bottom

      Comment

        #4
        For anyone who is interested or has the same problem, I've written up what happened and what the solution was here:

        http://www.samhobbs.co.uk/2013/10/be...he2-mod_proxy/

        If you're an Apache guru (no doubt some of you are) and you notice any errors, please let me know - I'm still learning the basics.

        Glad I sorted it out in the end, at least I learned something!

        P.S. general Apache security tips are also very welcome
        samhobbs.co.uk
        • Top
        • Bottom

        Comment

          #5
          Nice website, Feathers! And on a Raspberry PI no less. Five volts at 0.7A is 3.5 watts. For a years worth of operation 24/7/365 it would take 215 KWhrs. Here it would cost me about $12 per year to operate.
          "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
          – John F. Kennedy, February 26, 1962.
          • Top
          • Bottom

          Comment

            #6
            Thanks, got to have something to keep myself busy! I got fed up of having hundreds of bookmarks for tutorials that were "almost right", the site is much more convenient for me, even if nobody else uses it

            I think you multiplied by 7 when you shouldn't have...

            3.5 x 365 x 24 = 30660Wh = 30.66 kWh (either that or 3.5 x 52 x 7 x 24).

            At 15p/kWh that's £4.60 / year, about the same as a pint in London!

            Glad you're checking

            Feathers
            samhobbs.co.uk
            • Top
            • Bottom

            Comment

              #7
              Oops! You're right, my bad!
              It would cost me (at 5.5 cents/kwh- I'm all electric) about $1.75 per year! That's even better! For all practical purposes the only real cost for the site is the domain name and DNS.
              "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
              – John F. Kennedy, February 26, 1962.
              • Top
              • Bottom

              Comment

                #8
                That price difference per kWh is ridiculous! So jealous.

                I'm currently setting up my ownCloud, the energy requirements for that are slightly larger because you need to power some kind of USB storage as well if you want to back up lots of stuff. The Pi can't run passport drives on its own because the USB ports don't output enough current, you need a drive with a separate power supply or an adapter. Still really cheap though!

                Feathers
                samhobbs.co.uk
                • Top
                • Bottom

                Comment

                Previous template Next
                Working...
                X