A daily graph of a web server's load, indicating a spike in the load early in the day.
At any time web servers can be overloaded because of:
- Too much legitimate web traffic (i.e. thousands or even millions of clients hitting the web site in a short interval of time. e.g. Slashdot effect);
- DDoS (Distributed Denial of Service) attacks;
- Computer worms that sometimes cause abnormal traffic because of millions of infected computers (not coordinated among them);
- XSS viruses can cause high traffic because of millions of infected browsers and/or web servers;
- Internet web robots traffic not filtered / limited on large web sites with very few resources (bandwidth, etc.);
- Internet (network) slowdowns, so that client requests are served more slowly and the number of connections increases so much that server limits are reached;
* Web servers (computers) partial unavailability, this can happen because of required / urgent maintenance or upgrade, HW or SW failures, back-end (i.e. DB) failures, etc.; in these cases the remaining web servers get too much traffic and become overloaded.
Overload symptoms
The symptoms of an overloaded web server are:
- requests are served with (possibly long) delays (from 1 second to a few hundred seconds);
- 500, 502, 503, 504 HTTP errors are returned to clients (sometimes also unrelated 404 error or even 408 error may be returned);
- TCP connections are refused or reset (interrupted) before any content is sent to clients;
- in very rare cases, only partial contents are sent (but this behavior may well be considered a bug, even if it usually depends on unavailable system resources).
Anti-overload techniques
To partially overcome above load limits and to prevent overload, most popular web sites use common techniques like:
- managing network traffic, by using:
- Firewalls to block unwanted traffic coming from bad IP sources or having bad patterns;
- HTTP traffic managers to drop, redirect or rewrite requests having bad HTTP patterns;
- Bandwidth management and traffic shaping, in order to smooth down peaks in network usage;
- deploying web cache techniques;
- using different domain names to serve different (static and dynamic) content by separate Web servers, i.e.:
# using different domain names and/or computers to separate big files from small and medium sized files; the idea is to be able to fully cache small and medium sized files and to efficiently serve big or huge (over 10 - 1000 MB) files by using different settings;
# using many Web servers (programs) per computer, each one bound to its own network card and IP address;
# using many Web servers (computers) that are grouped together so that they act or are seen as one big Web server, see also: Load balancer;
# adding more hardware resources (i.e. RAM, disks) to each computer;
# tuning OS parameters for hardware capabilities and usage;
# using more efficient computer programs for web servers, etc.;
# using other workarounds, especially if dynamic content is involved.