3

We have a very large number of PHP scripts running on our server that do a variety of things. Lately I've noticed that when looking in PHPMyAdmin there are a large number of connections to our MySQL server just lingering.

Normally we're very good about closing connections when the querying in the script is done but obviously somewhere along the way we missed one or more.

I know which database the connection is being made to but that only narrows it down so much.

TL;DR: I'm looking for an easy way to identify which script is maintaining a connection when it shouldn't be.

ajax1515

1 Answer

2

Look in the full processlist for the Host column of these connections:

show full processlist\G

Take the host and port of one of these connections.

Then SSH to the source server, and search for which process has made this connection:

netstat -ntp |grep :theport

At the end of the line you will have the pid/process name of your script.

mick
  • This almost worked for me, I only see this result: tcp 0 0 10.0.0.1:37116 10.0.0.2:3306 ESTABLISHED 8004/httpd. I have different servers for apache and mysql, any ideas how to view the script used by the attacker? Thanks in advance, it's urgent!! – andreszs Mar 09 '17 at 17:56
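
The two steps from the answer joined into one script, as an added example that is not part of the original answer: it takes the sleeping connections from the processlist and looks up the owning PID in the `netstat -ntp` output of the client host. The function name `find_idle_owners`, the idle threshold, the sample data and the MySQL port 3306 are assumptions.

```shell
#!/bin/sh
# Added example; all sample data below is constructed.
# Real inputs: `mysql -B -e 'SHOW FULL PROCESSLIST'` on the database server
# (tab-separated) and `netstat -ntp` run as root on the client host.
MYSQL_PORT=3306   # assumption: default MySQL port

PROCESSLIST_SAMPLE=$(printf '%b\n' \
  'Id\tUser\tHost\tdb\tCommand\tTime\tState\tInfo' \
  '101\tapp\t10.0.0.1:37116\tshop\tSleep\t5400\t\tNULL' \
  '102\tapp\t10.0.0.1:37240\tshop\tQuery\t0\tstarting\tSHOW FULL PROCESSLIST' \
  '103\tapp\t10.0.0.1:37302\tshop\tSleep\t12\t\tNULL')

NETSTAT_SAMPLE='Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 10.0.0.1:37116 10.0.0.2:3306 ESTABLISHED 8004/httpd
tcp 0 0 10.0.0.1:37302 10.0.0.2:3306 ESTABLISHED 8123/php
tcp 0 0 10.0.0.1:22 10.0.0.9:50522 ESTABLISHED 900/sshd'

# find_idle_owners MIN_SECONDS PROCESSLIST NETSTAT
# Prints "mysql_id client_port idle_seconds pid/program" for every connection
# that has been in Sleep for at least MIN_SECONDS.
find_idle_owners() {
    min="$1"; plist="$2"; nstat="$3"
    printf '%s\n' "$plist" | awk -F'\t' -v min="$min" '
        NR > 1 && $5 == "Sleep" && $6 + 0 >= min {
            n = split($3, hp, ":")        # Host column is host:port
            print $1, hp[n], $6
        }' | while read -r id port idle; do
        # Match the client-side source port and the MySQL destination port.
        owner=$(printf '%s\n' "$nstat" | awk -v p="$port" -v mp="$MYSQL_PORT" '
            $4 ~ (":" p "$") && $5 ~ (":" mp "$") { print $7; exit }')
        printf '%s %s %s %s\n' "$id" "$port" "$idle" "${owner:-unknown}"
    done
}

# Connections idle for a minute or more, with the process that holds them.
find_idle_owners 60 "$PROCESSLIST_SAMPLE" "$NETSTAT_SAMPLE"
```

When the owner is a web server worker such as `8004/httpd`, the PID identifies the worker process rather than a script file, which is the situation described in the comment above.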