為什麼 Apache 會創建如此多的內部虛擬連接？影響伺服器性能的 CPU 使用問題

December 10, 2019

試圖解決一些 CPU 使用問題並調查可能的惡意活動。作為其中的一部分，我對 Apache 日誌中的許多虛擬連接感到好奇。這些的起源是什麼，為什麼這麼多？

我們執行許多 PHP/MySQL Web 應用程序。我注意到在一個非常高的 CPU 峰值期間（高達 100% 的使用率），這top表明 Apache 創建了www-data我認為是 PHP 腳本命中的程序負載。

虛擬連接是問題的症狀還是部分原因？我還可以查看哪些其他內容？

/var/log/apache2/access.log

::1 - - [09/Dec/2019:14:42:32 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:42:33 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:42:34 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:42:35 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:42:36 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:42:37 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:42:38 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:42:39 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:42:40 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:42:46 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:42:53 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:42:54 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:42:55 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:42:57 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:42:58 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:42:59 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:00 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:01 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:02 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:03 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:04 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:05 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:06 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:12 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:13 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:14 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:15 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:16 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:17 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:22 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:23 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:27 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:34 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:38 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:39 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:40 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:41 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:42 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:43 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:44 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:45 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:46 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:47 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:48 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:49 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:50 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:51 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:52 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:53 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:43:57 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:44:00 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:44:03 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:44:04 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:44:05 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"
::1 - - [09/Dec/2019:14:44:06 +0000] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.4.37 (Ubuntu) OpenSSL/1.1.1a (internal dummy connection)"

從 Apache 文件：
當 Apache HTTP 伺服器管理其子程序時，它需要一種方法來喚醒正在偵聽新連接的程序。為此，它向自身發送一個簡單的 HTTP 請求。此請求將出現在 access_log 文件中，遠端地址設置為環回介面（如果配置了 IPv6，通常為 127.0.0.1 或 ::1）。如果您記錄 User-Agent 字元串（如以組合日誌格式），您將在非 SSL 伺服器上看到伺服器簽名後跟“（內部虛擬連接）”。在某些時期，您可能會看到每個 httpd 子程序最多有一個這樣的請求。
這些請求是完全正常的，您無需擔心它們。它們可以被簡單地忽略。
您可以通過將請求從“內部虛擬連接”重定向到空文件來使用 .htaccess
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^.*internal dummy connection.*$ [NC]
RewriteRule ^/$ /empty.html [L]

引用自：https://serverfault.com/questions/995017

為什麼 Apache 會創建如此多的內部虛擬連接？影響伺服器性能的 CPU 使用問題

相關問答

在 Ubuntu 16.04、Apache 上從 PHP 7.2 切換到 7.1

無法為使用者 www-data 設置打開文件限制並在 ubuntu 16.04 中處理 PHP

無法在我的伺服器上啟用 PHP-FPM

Azure Ubuntu VM 的 HTTP 響應非常慢

將請求從內部網路路由到本地 Apache – dnsmasq 工作？

Ubuntu 16.04 - 完全清除 php 但仍顯示 PHP 5.4.15 (cli)