Put out another fire today / last night.
Turns out this new version of apache webserver we are running was vulnerable to slow loris attacks, despite me replicating the security settings the previous server had. Turns out that on the newer OS, a few of the security components no longer work the same way. They simply ignore the former settings that work..
Ah, the joys of working with open source software..
Our server was temporarily inaccessible last night around 10PM PST, and after some analysis of logs, i found that the reason for the downtime was the same kind of DDOS attack that was plaguing this forum before i came on as a system administrator
I have an updated security rule set in place. Me and gammaray have tested this and found that the system is no longer vulnerable to this attack.
However, these new security settings are a bit on the strict side. Please let me know if you experience any erratic behavior from our web server as a result.