Security Log – High server resource usage

Home Forums BulletProof Security Pro Security Log – High server resource usage

Tagged: 

Viewing 1 post (of 1 total)
  • Author
    Posts
  • August 11, 2016 at 1:44 pm #30561
    AITpro Admin
    Keymaster

    This is a very, very rare issue that only occurs on VPS and Dedicated servers that are either configured to not allow the htaccess ErrorDocument directive to be used in htaccess files or the server is not allowing 403 error logging in general due to a server configuration setting.  In plain english a server would be configured in a way to handle all error logging and using BPS Security Logging will cause high server resource usage due to the way that server is configured.  Something like the server is working overtime to try and block/negate/override BPS Security Logging while also logging server errors.  You can either turn off BPS Security Logging or change your server configuration to allow ErrorDocument and all other 403 error logging.

    1. Turn Off Security Logging on the BPS Security Log page if it is not already turned Off.
    2. Go to the htaccess File Editor tab page > Your Current Root htaccess File tab > Copy and paste the entire ERROR LOGGING AND TRACKING section of code from your root .htaccess file into this text box: CUSTOM CODE ERROR LOGGING AND TRACKING.
    3. Click the Save Root Custom Code button.
    4. Go to the Security Modes page and click the Root Folder BulletProof Mode Activate button.

    Most likely this will also need to be done if the server is not allowing anything else to handle errors except for the server itself.

    1. Copy this modified code below to this BPS Root Custom Code text box: CUSTOM CODE DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS
    2. Click the Save Root Custom Code button.
    3. Go to the Security Modes page and click the Root Folder BulletProof Mode Activate button.

    # DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS
# Use BPS Custom Code to modify/edit/change this code and to save it permanently.
# Files and folders starting with a dot: .htaccess, .htpasswd, .errordocs, .logs
#RedirectMatch 403 \.(htaccess|htpasswd|errordocs|logs)$

    There is one other possible scenario that could possibly cause high server resource usage/load. If your website is being attacked using POST attacks at a high rate/frequency and you have unchecked the Limit POST Request Body Data checkbox then it is possible, but not very likely, that the POST attacks could cause a high server resource usage. The rate of the attacks would have to be extremely frequent in order to overload the server because BPS is filtering the maximum amount of data to capture in each POST request Security Log entry. “The maximum Security Log Request Body Data capture/log limit is 250000 maximum characters, which is roughly about 250KB in size.”

  • Author
    Posts
Viewing 1 post (of 1 total)
  • You must be logged in to reply to this topic.