Tags:
create new tag
view all tags

Question

I just upgraded from 01-SEP-2004 to 4.2.3. (I selected 4.2.2 in the dropdown list because 4.2.3 isn't listed.) Now my hosting provider is complaining that the search.cgi script is running a long time and using excessive CPU. Could this be a configuration error? Are there known denial-of-service flaws in this script? When I run a search myself it completes very quickly.

I don't have anything in the webserver logs related to search.cgi. I do have a lot of errors like this from view.cgi, but I don't know if they're related:

[Mon Oct 06 08:39:03 2008] [error] [client 217.149.243.212] [Mon Oct 6 08:39:03 2008] view.cgi: Argument "" isn't numeric in numeric gt (>) at /hw12/d83/uwcl/twiki-4.2.3/lib/TWiki/Plugins/TablePlugin/Core.pm line 564.

[Mon Oct 06 08:39:03 2008] [error] [client 217.149.243.212] [Mon Oct 6 08:39:03 2008] view.cgi: Argument "" isn't numeric in numeric eq (=) at /hw12/d83/uwcl/twiki-4.2.3/lib/TWiki/Plugins/TablePlugin/Core.pm line 637.=

Any ideas? I've had to temporarily disable search functionality in order to work around this.

UPDATE: I guess I'm not actually sure what search.cgi does. I thought it was needed for searching, but with it disabled I'm still able to search using the search box in the upper right corner of the page. What are the consequences of leaving this script disabled?

Environment

TWiki version: TWikiRelease04x02x02
TWiki plugins: CommentPlugin, EditTablePlugin, EmptyPlugin, InterwikiPlugin, PreferencesPlugin, RenderListPlugin, SlideShowPlugin, SmiliesPlugin, SpreadSheetPlugin, TablePlugin, TinyMCEPlugin, TwistyPlugin, WysiwygPlugin
Server OS: RedHat Enterprise AS 3
Web server:  
Perl version: 5.8.0
Client OS:  
Web Browser:  
Categories: Security, Performance

-- DavidBrodbeck - 06 Oct 2008

Answer

ALERT! If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

I don't think search.cgi is used for anything any more. It should be fine to leave it disabled. Does that cure your problem?

-- CrawfordCurrie - 20 Oct 2008

Sorry, closing this after more than 30 days of inactivity. Please feel free to re-open if needed.

-- PeterThoeny - 10 Dec 2008

Hi My ISP has given me the same ultimatum. As can be seen below this is what they have sent me.

snip---

Please can you kindly remove or repair the search.cgi function in their wiki pages. This function runs without completing, and unnecessarily wastes CPU time.

    6.85 5.10 0.0
Top Process 33.1 /usr/bin/perl -wT search.cgi
Top Process 26.4 /usr/bin/perl -wT search.cgi
Top Process 26.1 /usr/bin/perl -wT search.cgi

If it is necessary to run this function without modification (e.g. alarm() or ulimit) then we will need to move the domain to a dedicated server.

snip---

-- LionelBroes - 2009-09-02

%CLOSE_30_DAYS%

-- PeterThoeny - 2009-11-23

Change status to:
WebForm
SupportStatus ClosedUnanswered
Edit | Attach | Watch | Print version | History: r5 < r4 < r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r5 - 2009-11-23 - PeterThoeny
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.