Server Settings HELP!

Okay so I am BELIEVING all my current issues relate to server settings and I need help getting this working. 

FIrst I am getting the following errors whenever someone tries to watch a video -

Warning: mysql_query() expects parameter 2 to be resource, boolean given in ~/flash/modules/global/inc/db.inc.php on line 48

Warning: mysql_query() expects parameter 2 to be resource, boolean given in ~/flash/modules/global/inc/db.inc.php on line 49

Warning: mysql_query() expects parameter 2 to be resource, boolean given in ~/flash/modules/global/inc/db.inc.php on line 50
Database access error.
Warning: mysql_error() expects parameter 1 to be resource, boolean given in ~/flash/modules/global/inc/db.inc.php on line 69

Then the video returns "unsupported version or incorrect mime type."

If I reset the server, the problem goes away for 10 minutes or so - then returns.

My CPU is running at 100% at all times.

I have set php memory_limit=2048M 

My server is running a Intel Core i5 @ 1.80 GHZ with 8 GB of RAM

I am running this on a windows system with apache32/php32/sql 64.

My understanding is to increase php passed 2G Memory one needs 64bit builds - but before I go that route I want to ensure this will fix the problem.

I should mention that I am getting between 20 and 100 visitors to the front page of the site every single minute.  I have 1500+ members (generally not more than 5 to 10 logged in at once) and am averaging around 100 new members a day. I have around 1000 photo's and 20 videos hosted. 

Video and image permissions are set by users, so many of these are available to the public at large - meaning even without member logged in video's are being viewed (or attempted to be as the errors are preventing it)  

Is switching to 64 bit and increasing the memory the way to go or is there some other settings that may solve the issue? Perhaps I am way off base and this isn't the issue at all? 

At the same time the database issues start, apache error logs start displaying the following:

[core:error] [pid 6408:tid 2248] (20024)The given path is misformatted or contained invalid characters: [client *.*.*.*:54576] AH00127: Cannot map GET /https://myurl.com/templates/base/images/spacer.gif HTTP/1.1 to file, referer: http://myurl/zloigoblin 

[core:error] [pid 6408:tid 2616] (20024)The given path is misformatted or contained invalid characters: [client *.*.*.*:64544] AH00127: Cannot map GET /https://myurl.com/flash/modules/global/js/integration.js HTTP/1.1 to file, referer: http://myurl.com/m/videos/categories

[core:error] [pid 6408:tid 2416] (20024)The given path is misformatted or contained invalid characters: [client *.*.*.*:60186] AH00127: Cannot map GET /javascript:void(0) HTTP/1.1 to file

Please help as this is literally making the site unusable.  

Thats is why i love Nginx (Lemp) server setup. what about the RMS ?

Are you IIS 8 with php or just some form of apache on a windows machine ?

warning is pretty much saying mysql is down or returning a null value

if you ask me php memory limit is to high... 

1.8 cpu is to low

100 requests a minute seems like a low ddos attack - you should see if its all coming from the same IP

If you have remote desktop access i can take a look....  

I have no idea what RMS is other than "root mean square". I suppose I should research RMS? Do you have a link as to where I can read about this? 

Also I have learned many of my database errors may be related to database connection limits so I have increased my.ini max connections and max user connections to 50k 

Still not helping with CPU usage but we shall see about the database connection issues soon enough.  

Ray Media Server ...Usually flash modules are linked to RMS. Depends which module you are using. But right now you are running out of memory. I can help you if you know about  linux based server setup, Lemp based server consume very low memory. Only thing i can't figure out so far is the rewrite rules setup for Lemp server but you can always disable permalinks. 

@dolphin_jay

Well its tricky to track things down with my setup. Yes apache32 is what I am using. 

It is an issue of the SQL database going down.

20 to 100 requests a minute actually seems average based on other sites I host, but its impossible to trace if its a ddos per say as the entire site is hosted via a proxy - thus all IP's are the same IP.  

I can't offer remote access but is there some other way to determine if its a DDoS vs real users if hosting through a proxy setup 

@ moonsoon2u

I do know plenty about *nix but I prefer to use windows if possible. Can you send me links about setting up RMS? What ports I need to open on our proxy? Etc? 

Modules I have installed:
avatar
Files
Forums
html5 A/V player
News
Photos
Spy
Timeline
Videos

Also for the record, every single one of my members/visitors has no flash plugin installed (believe me this makes using many of the boonex plugins impossible).
 

mod_ip or mod_remoteIP  should help with the real IP

and RMS has nothing to do with your issue.  not even sure why he would ask that.

the only other thing i can offer is team viewer or a skype screen share... 

Sorry i was thinking a 100 a second not minute. 

Unfortunately the way our network setup exists, even enabling IP monitoring mods, we would still only get the IP of yet  another proxy server. Its a vast array of proxy servers that all connect to each other to make real IP's untraceable. 

Unfortunately our network is intended to be very secure so I can't allow things such as screen sharing and remote access. I understand this limits anyone's ability to help, but if anyone has any solutions I am all ears. 

It would seem to be being as this is related to sql (although the issue only appears on video pages)  that the fix must either be a setting  within the my.ini file - or that the only alternative is to get a better performing server. 

If I have to get a better performing server, what specs should I be looking for. You say 1.8GHz is low - what would be better equipped to host such a site (also do to privacy issues, using hosting providers is absolutely out of the question). 

Or perhaps the SQL issue and the 100% CPU are unrelated? Its actually apache using 100% CPU not sql despite it being sql that seems to kickback the error.  

Well it's possible that apache is taking all the cpu time so there is nothing left for mysql to use. 

not sure why you wouldn't use 64 bit when possible by the way...

for my clients i use:

Intel E5-1620v2  3.9GHZ 4 cores 8 threads

64 gigs of ram

1 gig dedicated ethernet.

some quick stats for the week on that machine:

Figures in parentheses refer to the 7-day period ending Jun 11 2015 at 7:37 AM.

Successful requests: 146,433,862 (28,984,353) 
Average successful requests per day: 3,675,971 (4,140,621) 
Successful requests for pages: 53,930,623 (11,086,451) 
Average successful requests for pages per day: 1,353,836 (1,583,778) 
Failed requests: 325,959 (3,112) 
Redirected requests: 346,210 (4,979) 
Distinct files requested: 104,681,339 (2,785,134) 
Distinct hosts served: 17,984 (3,339) 
Data transferred: 894.26 gigabytes (234.18 gigabytes) 
Average data transferred per day: 22.45 gigabytes (33.45 gigabytes)

Also picking up some 64 core opteron machines later day...  :)   can't wait.

 how much you are charging for this?

Okay so I have established this IS a DoS attack (low level it seems). If I start my server before connecting the proxy, it works perfectly. I issue a netstat and all looks normal. 

If I startup the proxy everything stays fine, monitoring the process I see it uses less than 20% CPU and less than 300M of memory.

I issues the netstat command and see the typical 20 to 100 users a minute (based on socket connections).

After about 10 minutes, my CPU starts utilizing 100% of 2.6 GHz (1 CPU socket, 2 core, 4 logical processors, max speed of 1.8 GHz). 

Then if I issue the netstat command, endless sockets are open, and if I issue the command 5 or 10 times in a row, I can watch the sockets fill until I can do absolutely nothing socket based on the system (obviously non-socket tasks perform perfectly - and this is a known "thing" with windows in that it doesn't wrap sockets to processes so killing a process doesn't clear up the sockets and it makes ALL sockets unusable systemwide. On *nix systems sockets work considerably different).

Not sure how to handle this so I suppose I need to research port flooding and socket based DoS prevention.

I thank everyone for their help!