Hi there,
My, usually stable, server (Magento ver. 1.9.2.4) just fell over completely - I had to restart it from my hosts control panel, and it came back up fine. I'm trying to figure out what might have caused it. There is a load of this in the Apache error log (approx 40-50 lines) from various IPs, all within a couple of minutes, but a few days ago:
[Mon May 23 05:15:54 2016] [error] [client 207.46.13.169] PHP Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY000]: General error: 1205 Lock wait timeout exceeded; try restarting transaction' in /var/www/undisclosed/lib/Zend/Db/Statement/Pdo.php:228\nStack trace:\n#0 /var/www/undisclosed/lib/Zend/Db/Statement/Pdo.php(228): PDOStatement->execute(Array)\n#1 /var/www/undisclosed/lib/Varien/Db/Statement/Pdo/Mysql.php(110): Zend_Db_Statement_Pdo->_execute(Array)\n#2 /var/www/undisclosed/app/code/core/Zend/Db/Statement.php(291): Varien_Db_Statement_Pdo_Mysql->_execute(Array)\n#3 /var/www/undisclosed/lib/Zend/Db/Adapter/Abstract.php(480): Zend_Db_Statement->execute(Array)\n#4 /var/www/undisclosed/lib/Zend/Db/Adapter/Pdo/Abstract.php(238): Zend_Db_Adapter_Abstract->query('INSERT INTO `co...', Array)\n#5 /var/www/undisclosed/lib/Varien/Db/Adapter/Pdo/Mysql.php(504): Zend_Db_Adapter_Pdo_Abstract->query('INSERT INTO `co...', Array)\n#6 /var/www/undisclosed/lib/Zend/Db/Adapter/Abstract.php(576): Varien_Db_Adapter_Pdo_Mysql->query('INSERT INTO `co...', Array)\n#7 /var/www/undisclosed/app/code/core/Mage/Core/Model/Resource/Session.php(249): Zend_Db_Ada in /var/www/undisclosed/lib/Zend/Db/Statement/Pdo.php on line 235
There's also other IPs requesting hackerish end points on earlier days...
[Mon May 23 09:04:11 2016] [error] [client 212.48.84.179] client denied by server configuration: /var/www/undisclosed/app/etc/local.xml
I've checked for any new admin acounts, there are none and I'll follow the tips I can from the recent security advice, but does this look like exploit attempts or is there other stuff I should be checking to find out why my server fell over?
TIA
Ben
It looks like someone may be trying to compromise your Magento installation and the large amount of attempts that they make may have overwhelmed your MySQL service.
Do make sure that you follow Magento Security Best Practises to ensure that such compromise attempts will not succeed.
I had two server crashes last week. Not here for the autopsy.
All non-mysiam tables were totally destroyed, while mysiam was held harmless.
Any comments?
We have had a problem like this before.
First, make sure you are using a Magento optimized host. I just say this because occasionally someone tries to use a $5/month GoDaddy plan and expects things to go smoothly.
Second, I wouldn't be worried about the "client denied by server configuration" logs. I get those on every Magento site I am on.
Thirdly, this happened to us when a Russian bot attempted to index our site. It was indexing 500 pages a second. The site that this happened too was only optimized for about 100 concurrent users at a time.