I'm having an issue with the default configuration of tomcat 7 on Debian 8.
Problem:
I got the cpu of my server, due to java process, jump to 100% and stay there for hours making the server slow.
If I restart tomcat server the cpu goes again to 1%. After some hours the problem starts again.
Java Application status: No custom java applications are installed on tomcat so this is probably a tomcat issue.
Logs:
Watching catalina.out I found this error message in corrispondence to the cpu pitch start
Jan 19, 2017 1:03:23 AM
org.apache.coyote.http11.AbstractHttp11Processor process INFO: Error
parsing HTTP request header
How to replicate:
After the server restart I have tried to access the tomcat server home page using https by visiting this url through a web browser
and voila, the cpu start to go crazy and I get the log as before.
What does it means: This means everyone with a special request can DDOS my server
Question:
Is there any way to solve this issue possibily without changing my linux distribution or packaged versions of tomcat used by apt?
I'm using a fresh debian 8 default image from Google Compute Engine.
tomcat 7.0.56
Java 1.7.0_111
Best Answer
I had exactly the same problem with Debian 8, tomca7.0.56.
For me uprading to the backport version solved it. I upgraded tomcat7, tomcat7-common, libtomcat7-java and libservlet3.0-java to version =7.0.73-1~bpo8+1 (like this way: apt-get install tomcat7=7.0.73-1~bpo8+1)
I think we have a massive security issue with the current release of tomcat 7.0.56 in Debian 8. With the standard configuration everyone who simply calls https:// domain.tld:8080 causes thes cpu scaling to 100% until you restart the tomcat!