Apache goes down

Discussion in 'Installation/Configuration' started by Captain, Jun 4, 2012.

  1. Captain

    Captain Member

    Hello!

    i dont know why apache goes down. After restart it is work ok.
    But at night (i think, because all day it is work) apache goes down.
    I have Ubuntu 12.04 LTS, ISPConfig final, mod_secure, for one web-site is enabled ssl.
    in error.log:

    Code:
    [Mon Jun 04 11:04:21 2012] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
    [Mon Jun 04 11:04:21 2012] [notice] ModSecurity for Apache/2.6.3 (http://www.modsecurity.org/) configured.
    [Mon Jun 04 11:04:21 2012] [notice] ModSecurity: APR compiled version="1.4.5"; loaded version="1.4.6"
    [Mon Jun 04 11:04:21 2012] [warn] ModSecurity: Loaded APR do not match with compiled!
    [Mon Jun 04 11:04:21 2012] [notice] ModSecurity: PCRE compiled version="8.12"; loaded version="8.12 2011-01-15"
    [Mon Jun 04 11:04:21 2012] [notice] ModSecurity: LUA compiled version="Lua 5.1"
    [Mon Jun 04 11:04:21 2012] [notice] ModSecurity: LIBXML compiled version="2.7.8"
    [Mon Jun 04 11:04:21 2012] [notice] Original server signature: Apache/2.2.22 (Ubuntu)
    [Mon Jun 04 11:04:21 2012] [notice] suEXEC mechanism enabled (wrapper: /usr/lib/apache2/suexec)
    [Mon Jun 04 11:04:21 2012] [notice] Digest: generating secret for digest authentication ...
    [Mon Jun 04 11:04:21 2012] [notice] Digest: done
    [Mon Jun 04 11:04:21 2012] [notice] FastCGI: process manager initialized (pid 24334)
    [Mon Jun 04 11:04:22 2012] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
    [Mon Jun 04 11:04:22 2012] [notice] Apache/2.2.22 (Ubuntu) DAV/2 mod_fastcgi/mod_fastcgi-SNAP-0910052141 mod_ssl/2.2.22 OpenSSL/1.0.1 Apache/2.2.0 (Fedora) mod_fcgid/2.3.6 PHP/5.3.10-1ubuntu3.1 with Suhosin-Patch mod_ruby/1.2.6 Ruby/1.8.7(2011-06-30) configured -- resuming normal operations
    
    
    and mod_secure logs in error.log

    Code:
    [Sun Jun 03 17:40:07 2012] [error] [client 76.74.97.4] ModSecurity: Access denied with code 400 (phase 2). Pattern match "^[\\\\d\\\\.]+$" at REQUEST_HEADERS:Host. [file "/etc/apache2/mod-security/modsecurity_crs_21_protocol_anomalies.conf"] [line "60"] [id "960017"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/IP_HOST"] [hostname "12.12.12.12"] [uri "/"] [unique_id "T8t3R8CoDGcAABrJxNcAAAAO"]
    
    But it is I thinks is a normal.

    What to do this apache? Where is a problem?

    Thank you.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

  3. Captain

    Captain Member

    Now see suphp logs: server goes down at 9:32.
     

Share This Page