0

We have a web page on our server that we use to run administrative scripts. For example, we might run the script "unenrolStudents()" which runs 5,000 SQL SET commands one after another and sets 5000 student entries in an SQL database to unenrolled. However, we are finding that after running a few thousand queries (it is not totally consistent) we will be "locked out" by our server.

SYMPTOMS OF LOCKING OUT:
- unable to connect to server with winSCP
- opening putty with that connection shows a blank screen (no login / pass)
- clearing cookies / cache in chrome does NOT fix locking out
- other computers in the office ALSO become locked out
- locking out can be triggered with a high frequency of requests (10000 in 1 second) or by less over time (10000 in 500 seconds - this will still cause a lockout even though the frequency is much less)

We believe this is a security feature of our own Apache. I know we are using Suhosin but I didn't configure it so I don't know.

How can I disable this locking effect so that I can confidently run all my SQL requests and they will go through? Has anyone else dealt with this and found workarounds?

Thanks DS

Daniel Stern
  • 1
  • 1
  • Are you hitting this webpage once for every student? Or do you hit it a single time and pass in 2000+ student ids? One for every student will almost certainly trigger an attack defense, since you're basically slamming the server with requests. – Marc B Sep 28 '12 at 16:26
  • debugging is best done in knowing the facts, not believing something (at least not after you have spend the first 5 minutes without success). – hakre Sep 28 '12 at 16:27
  • This can hardly be a security feature if you can't even SSH into the server anymore – Jack Sep 28 '12 at 16:38
  • "other computers in the office ALSO become locked out" and the fact that SSH doesn't work any more seems more like a server network security error to me (blacklisting the IP). Some sort of DOS protection, maybe? Have you tried SSH'ing from another IP while this 'lockout' is going on? –  Sep 28 '12 at 16:55

3 Answers3

0

php script has a very short execution time. Have you tried extending it??

<?php  ini_set('max_execution_time', 300);
// code here
?>
geekman
  • 101
  • 1
0

Sounds to me like you're trying to fix a software architecture problem with a configuration setting.

I'd suggest writing your software to re-use connections rather than opening new ones for each operation.

Magellan
  • 4,451
  • 3
  • 30
  • 53
0

Two things come immediately to mind.

  1. If you're running 5,000 queries to do the same thing to 5,000 records you need to change that to a single query with and appropriate "where" clause.
  2. Running that many queries may be causing your server to be hitting memory limits.
John Gardeniers
  • 27,458
  • 12
  • 55
  • 109