PHP Maximum execution time exceeded - sign of attack?

web-server php ddos

Solution 1:

However, the log files are now full of the following error:

You've told PHP to kill all scripts that run longer than 90 seconds, so this is what you get.

None of our application's forms and scripts should take this amount of execution time.

Theory and practice sometimes diverge. You should seriously debug the problem - pinpoint the long-running script and find out why it's doing that - deep log and URL/cookies/headers analysis, possibly with increased log level.

So it doesn‘t seem to be a problem with the application itself.

That is a very dangerous assumption. Quite possibly there's an attack still going on. Currently, there might still be time to fix the problem before the attacker actually finds a security hole (high load can cause race conditions which in turn can open loop holes). At the very least, your website will get some hardening against DoS.

Solution 2:

You have to debug the script, place timing elements and add to some debug log. I doubt its an attack, its probably some loop, in the script that was unanticipated. I have written scripts where an error condition was not trapped and created an unanticipated loop. My educated guess, is that is exactly what is going on.

Related

File server fail over cluster
BackupPC - why does it use rsync --sender --server ...?
Automatically mount bucket with s3fs on boot
Salt: connection refused to proxy
How to disable visual display of modifier keys?
Microsoft Remote Desktop through ssh-forwarded port
Disable volume control noise on mac book pro?
How to disable single-user boot (command S)
Is there an iMessage client for OS X?
Is there any way to have a badge appear on the Terminal icon in the Dock when a command completes?
Control arrow key to jump to the next word
Can't stream audio from OSX Mavericks to Apple TV