Using RAM (tmpfs) for a pagespeed cache and CSF/LFD warnings
113 views
Skip to first unread message
Zodiac W.
Nov 20, 2017, 3:18:02 PM11/20/17
to mod-pagespeed-discuss
Hi,
I have a server with a 128GB of RAM and SSD disks and I decided to use tmpfs (RAM) for pagespeed cache. I am trying to save SSDs from wearing.
I did as instructed here and added "noexec,nosuid,nodev" for a higher security
Everything is working fine, but now I am receiveing warning emails from CSF/LFD firewall every couple of seconds.
Example:
lfd on my.server.com: Suspicious File Alert
Time: Mon Nov 20 21:07:17 2017
File: /tmp/pgsp/v3/somedomain.com/https,3A/,2Fwww.somedomain.com/wp-login.php,
Reason: Script, file extension
Owner: nobody:nobody (99:99)
Action: Moved into /var/lib/csf/suspicious.tar
99% of these warnings are regarding different-domains.com/wp-login.php
None of those domains has WordPress and there is no wp-login.php file
I can see wp-login.php files in the pagespeed cache directory.
Before I was using cache directory on the SSD and there were no warnings, but I guess that's because CSF/LFD is watching /tmp folder, or not? :)
Any advice? Should I be concerned? or just add pagespeed cache folder to CSF/LFD ignore list?
I can post wp-login.php cache file content if that will help.
Server is using CloudLinux 7, pagespeed is installed with the easyapache4.
Thanks!
Otto van der Schaaf
Nov 20, 2017, 4:46:28 PM11/20/17
to mod-pagesp...@googlegroups.com
With in-place resource optimization turned on, you may end up with cache entries that mod_pagespeed uses to remember that the url shouldn't be considered for optimization again.
It looks like an automated process is scanning your site(s) for wp-login.php, and that causes the entry the url to be marked in the cache folder.
You could consider using Disallow [1] to exclude pagespeed from considering this url, that would avoid the entries being written to the FileCache.
Otto
--
You received this message because you are subscribed to the Google Groups "mod-pagespeed-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mod-pagespeed-di...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/mod-pagespeed-discuss/139ba7a9-26e8-4440-b7f5-7e5ce910d719%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Message has been deleted
Zodiac W.
Nov 21, 2017, 4:13:28 PM11/21/17
to mod-pagespeed-discuss
That's it, working perfectly :)
Thank You!
Reply all
Reply to author
Forward
0 new messages