Read this:
Code:
There is a leak in FastCGI version of PHP, it does not clean up properly after
each request. Using system's limits to kill off memory hogging FastCGI process
would not be a good idea as this would result in 500 errors. You can use
PHP_FCGI_MAX_REQUESTS ENV variable instead. After processing number
of requests defined by this variable, the FastCGI PHP will exit nicely and a
new/fresh process will be created in its place. You will need to figure out how
many requests is safe for your FastCGI process to process before you have it
restarted.
-Simon
On Tue, 20 Apr 2004 21:55:14 +0200, Florian Effenberger wrote:
>Hello PHP users,
>
>I have PHP running as CGI with Apache 2.0.49 on Linux 2.4.26 here, and with
>a huge PHP file involving some diagram creation, I can "kill" the machine if
>I re-load the
>script for five seconds continuously. It soaks up all my memory and runs for
>nearly a minute multiple times. I've tried to limit that via php.ini's
>memory limit setting and via Apache's RLimitCPU/RLimitNPROC/RLimitMEM
>directive, but it does not seem to work.
>
>Do you have any idea of what can be done in order to protect myself from
>such an "attack"?
>
>Thanks!
>Florian
http://www.fastcgi.com/archives/fastcgi-...03382.html