# Apache stopped working suddenly



## tonisl (May 31, 2012)

Hi everyone!

I have a problem, maybe someone can help. Suddenly my Apache stopped working and I can't get it running anymore.

If *I* enter [CMD=]apachectl status[/CMD] it gives me 
	
	



```
Looking up localhost
Making HTTP connection to localhost
Alert!: Unable to connect to remote host.

lynx: Can't access startfile http://localhost/server-status
```

I'm still using Apache 1.3 and haven*'*t touched anything for alm*o*st four years b*e*c*a*use it's only a webserver.

*B*ut if I ping localhost inside the server being physically connected, then the server gives an answer 
	
	



```
PING localhost (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.043 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.032 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.039 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.038 ms
64 bytes from 127.0.0.1: icmp_seq=4 ttl=64 time=0.039 ms
^C
--- localhost ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.032/0.038/0.043/0.004 ms
```
]

I don't know what to do anymore, it just stopped suddenly.

I really need help with that because lots of people useing it on a daily bas*i*s.


----------



## SirDice (May 31, 2012)

Apache 1.3 went end-of-life two years ago. And if you haven't touched it in about four years that would also mean you never applied any security fixes. 

I'd take the host off-line immediately as it's most likely being abused by hackers now.


----------



## tonisl (May 31, 2012)

It only runs on intranet it can't be touched by outside connection.


----------



## suntzu (May 31, 2012)

Do you want to force us to beg for some logs and other errors?


----------



## tonisl (May 31, 2012)

Here's httpd-access.log. But those are errors from long ago.


```
[Wed Feb  8 09:28:18 2006] [notice] Apache/1.3.33 (Unix) mod_perl/1.29 configured -- resuming normal operations
[Wed Feb  8 09:28:18 2006] [notice] Accept mutex: flock (Default: flock)
[Wed Feb  8 09:28:18 2006] [error] [client 217.159.234.146] File does not exist: /usr/local/www/data/gif/menu/uudised1.gif
[Wed Feb  8 09:28:18 2006] [error] [client 217.159.234.146] File does not exist: /usr/local/www/data/phpAdsNew/adframe.php
[Wed Feb  8 09:28:18 2006] [error] [client 217.159.234.146] File does not exist: /usr/local/www/data/gif/menu/reg1.gif
[Wed Feb  8 09:28:19 2006] [error] [client 217.159.234.146] File does not exist: /usr/local/www/data/gif/menu/teenused1.gif
[Wed Feb  8 09:28:19 2006] [error] [client 217.159.234.146] File does not exist: /usr/local/www/data/gif/alad.gif
[Wed Feb  8 09:28:19 2006] [error] [client 217.159.234.146] File does not exist: /usr/local/www/data/gif/kinni.gif
[Wed Feb  8 09:28:19 2006] [error] [client 217.159.234.146] File does not exist: /usr/local/www/data/phpAdsNew/banners/defaultbanner.gif
[Wed Feb  8 09:28:19 2006] [error] [client 217.159.234.146] File does not exist: /usr/local/www/data/gif/empty.gif
[Wed Feb  8 09:28:19 2006] [error] [client 217.159.234.146] File does not exist: /usr/local/www/data/phpAdsNew/adlog.php
[Wed Feb  8 09:28:19 2006] [error] [client 217.159.234.146] File does not exist: /usr/local/www/data/phpAdsNew/adlog.php
[Wed Feb  8 09:28:19 2006] [error] [client 217.159.234.146] File does not exist: /usr/local/www/data/gif/top_galeriid.gif
[Wed Feb  8 09:28:19 2006] [error] [client 217.159.234.146] File does not exist: /usr/local/www/data/index_bin.php
[Wed Feb  8 09:28:19 2006] [error] [client 217.159.234.146] File does not exist: /usr/local/www/data/index_bin.php
[Wed Feb  8 09:28:20 2006] [error] [client 217.159.234.146] File does not exist: /usr/local/www/data/gif/es_kuum.gif
[Wed Feb  8 09:28:20 2006] [error] [client 217.159.234.146] File does not exist: /usr/local/www/data/index_bin.php
```

What log files do you guys need? I'm not so into this stuff. S*o*r*r*y I do my best.


----------



## tonisl (May 31, 2012)

httpd-log 


```
[Wed May 30 08:31:01 2012] [notice] Apache/1.3.33 (Unix) mod_perl/1.29 configured -- resuming normal operations
[Wed May 30 08:31:01 2012] [notice] Accept mutex: flock (Default: flock)
[Wed May 30 08:36:32 2012] [notice] SIGHUP received.  Attempting to restart
[Wed May 30 08:36:33 2012] [notice] Apache/1.3.33 (Unix) mod_perl/1.29 configured -- resuming normal operations
[Wed May 30 08:36:33 2012] [notice] Accept mutex: flock (Default: flock)
[Wed May 30 10:56:17 2012] [notice] caught SIGTERM, shutting down
[Wed May 30 10:56:25 2012] [notice] Apache/1.3.33 (Unix) mod_perl/1.29 configured -- resuming normal operations
[Wed May 30 10:56:25 2012] [notice] Accept mutex: flock (Default: flock)
[Wed May 30 10:56:50 2012] [notice] caught SIGTERM, shutting down
[Wed May 30 13:26:28 2012] [notice] Apache/1.3.33 (Unix) mod_perl/1.29 configured -- resuming normal operations
[Wed May 30 13:26:28 2012] [notice] Accept mutex: flock (Default: flock)
[Wed May 30 13:38:53 2012] [notice] caught SIGTERM, shutting down
[Wed May 30 13:48:32 2012] [notice] Apache/1.3.33 (Unix) mod_perl/1.29 configured -- resuming normal operations
[Wed May 30 13:48:32 2012] [notice] Accept mutex: flock (Default: flock)
[Wed May 30 14:12:11 2012] [crit] (48)Address already in use: make_sock: could not bind to port 8888
[Wed May 30 14:22:41 2012] [notice] caught SIGTERM, shutting down
[Wed May 30 14:32:31 2012] [alert] mod_unique_id: unable to gethostbyname("vedur")
[Wed May 30 14:34:36 2012] [alert] mod_unique_id: unable to gethostbyname("vedur")
[Wed May 30 14:36:33 2012] [alert] mod_unique_id: unable to gethostbyname("vedur")
[Wed May 30 14:38:58 2012] [alert] mod_unique_id: unable to gethostbyname("vedur")
[Wed May 30 14:39:14 2012] [alert] mod_unique_id: unable to gethostbyname("vedur")
[Wed May 30 14:40:31 2012] [notice] Apache/1.3.33 (Unix) mod_perl/1.29 configured -- resuming normal operations
[Wed May 30 14:40:31 2012] [notice] Accept mutex: flock (Default: flock)
[Thu May 31 13:21:03 2012] [notice] SIGHUP received.  Attempting to restart
[Thu May 31 13:21:04 2012] [notice] Apache/1.3.33 (Unix) mod_perl/1.29 configured -- resuming normal operations
[Thu May 31 13:21:04 2012] [notice] Accept mutex: flock (Default: flock)
[Thu May 31 13:37:46 2012] [crit] (48)Address already in use: make_sock: could not bind to port 8888
[Thu May 31 14:11:11 2012] [notice] caught SIGTERM, shutting down
[Thu May 31 14:11:20 2012] [notice] Apache/1.3.33 (Unix) mod_perl/1.29 configured -- resuming normal operations
[Thu May 31 14:11:20 2012] [notice] Accept mutex: flock (Default: flock)
[Thu May 31 15:15:07 2012] [notice] SIGHUP received.  Attempting to restart
[Thu May 31 15:15:08 2012] [notice] Apache/1.3.33 (Unix) mod_perl/1.29 configured -- resuming normal operations
[Thu May 31 15:15:08 2012] [notice] Accept mutex: flock (Default: flock)
[Thu May 31 15:22:20 2012] [notice] caught SIGTERM, shutting down
[Thu May 31 15:24:53 2012] [notice] Apache/1.3.33 (Unix) mod_perl/1.29 configured -- resuming normal operations
[Thu May 31 15:24:53 2012] [notice] Accept mutex: flock (Default: flock)
```

Anything else?


----------



## suntzu (May 31, 2012)

*P*ost httpd.conf.

*A*dd 
	
	



```
AcceptMutex fcntl
```
 to the end of httpd.conf and restart apache with [CMD=""]/usr/local/etc/rc.d/apache restart[/CMD]


----------



## tonisl (Jun 1, 2012)

I am getting error after adding 
	
	



```
Acceptmutex fcntl
```
 to httpd.conf:


```
/usr/local/sbin/apachectl restart: configuration broken, ignoring restart
/usr/local/sbin/apachectl restart: (run 'apachectl configtest' for details)
vedur# apachectl configtest
Requested serialization method 'fcntl' not available
```


----------



## SirDice (Jun 1, 2012)

tonisl said:
			
		

> It only runs on intranet it can't be touched by outside connection.



There is more to fear from your own employees than from outside hackers. Employees already have access to your network and they usually know where the interesting stuff is kept.

In short, treat internal hosts exactly the same as you would an external one.


----------



## tonisl (Jun 1, 2012)

SirDice said:
			
		

> There is more to fear from your own employees than from outside hackers. Employees already have access to your network and they usually know where the interesting stuff is kept.
> 
> In short, treat internal hosts exactly the same as you would an external one.



They have only acces to their home folders and shared drives. And trust me they don't know how to use ssh. This is not the cause.


----------

