1
In greater detail:
I believe that I am suffering some kind of attack, I suspected and I put an anti ddos, and it has already blocked some addresses, it released me the network and returned to normalize the server, only now it seems that it has appeared some different attack, simply pasted on 100% processing the CPU and do not know what to do, so someone help me with this if possible giving me a north, some module that can suggest to apache, I know you have, but do not know which to use.
Added 27/12/2017: Answering my own question, since this being difficult and ddos and boring all the time the firewall blocks and it consumes memory of the system and etc, I found an anti-ddos module for apache, mod security, I will try to raise information about it to build some knowledge on the subject through this issue, I have found some measures to protect yourself by the apache itself, starting with simple measures, Until I get to the ddos, in my opinion if it is solved by apache itself I believe that consumes less memory and CPU than using external programs, it is not just protection for ddos, but if someone wants protection why not take more than one measures, the focus of the question and the ddos, but I will be applying some of the measures I’m posting on the link of the article I found, https://www.petefreitag.com/item/505.cfm
Apache does not limit the process by users accessing the site, nor is there any way to identify a user, what you limit are requests based on a possible attack source (for example), and limiting in Apache will not prevent high consumption of the database for example. Aside from not stating that it is an attack or a general flaw not detected by you, the processor reaching 100% may simply be a series of scripts that were written not thinking about optimization...
– Guilherme Nascimento
... I myself had this problem, it looked like an attack on the comic book, but in fact there were several unnecessary connections per second that occurred, and this was all caused by a series of scripts that connected unnecessarily, even where I was making use of MEMCACHE the database connected, which consumed both the database limit and 'the processor'.
– Guilherme Nascimento
The anti-ddos you installed probably already solves the main problem, modules for apache will not be as efficient, if you can solve before checking "the HTTP server" will be better, besides as I said this "second attack" may not even be an attack.
– Guilherme Nascimento
Put, really it was not another attack, what was happening although the site has scripts half old was the antivirus of windows server 2016 that was conflicting with the anti-ddos, the attack was taking effect by the lack of resource in the system generated by the conflict of the two. Thank you so much for your help, now I’m going to give a study to see what can be done in relation to optimization that I know needs to be reviewed.
– Alejandro Goethe