DDoS attacks

hello -

i continue to have problems with excessive “/usr/bin/php-cgi” processes running.

i have the csf firewall running - any recommendations what is the best approach to block excessive php-cgi processes from running at any one time?


Well, if there are a lot of those running, that means your website is receiving a lot of hits.

They key would be to determine which website is receiving those hits. You can often determine that by looking at who owns the excessive PHP processes.

You could then review the logs for that domain, and determine what IP (or IPs) is hitting your server too often. It may be as simple as blocking a few IP addresses.


thanks eric - i also set CT_LIMIT to 50 in csf (thank you earlier for the use of csf suggestion)

CT_EMAIL_ALERT is set to one - it will be interesting to see the email warning !