RE: [EMAIL PROTECTED] Limiting connections per IP

2007-09-27 Thread Oliver
On 27 September 2007 17:50, [EMAIL PROTECTED] wrote:
> Apache is a single-thread/process-per-connection server. In order for
> any apache module to handle a connection, it must be accepted by a
> thread/process and will thus count towards MaxClients until it gets
> dropped/responded to. There is no

Re: [EMAIL PROTECTED] Limiting connections per IP

2007-09-27 Thread Joshua Slive
On 9/27/07, Oliver <[EMAIL PROTECTED]> wrote:
> On 27 September 2007 at 14:06, Christian Folini wrote:
> > On Thu, Sep 27, 2007 at 01:57:35PM +0100, Oliver wrote:
> > > So my question in simple terms is this: is there a way of limiting
> > > simultaneous connections per IP without having to launch

RE: [EMAIL PROTECTED] Limiting connections per IP

2007-09-27 Thread Oliver
On 27 September 2007 at 14:06, Christian Folini wrote:
> On Thu, Sep 27, 2007 at 01:57:35PM +0100, Oliver wrote:
> > So my question in simple terms is this: is there a way of limiting
> > simultaneous connections per IP without having to launch additional
> > processes to handle the rejections?
>

Re: [EMAIL PROTECTED] Limiting connections per IP

2007-09-27 Thread Christian Folini
On Thu, Sep 27, 2007 at 01:57:35PM +0100, Oliver wrote:
> So my question in simple terms is this: is there a way of limiting
> simultaneous connections per IP without having to launch additional
> processes to handle the rejections?
You may want to have a look into mod_qos: http://sourceforge.net/

[EMAIL PROTECTED] Limiting connections per IP

2007-09-27 Thread Oliver
Hi, I am currently running Apache (prefork) 2.0.55 under Ubuntu 6.06 LTS. Apache is running on a VPS with a limited amount of RAM so I have been investigating ways to limit the number of processes being opened per visitor. My MaxClients setting is set to 38 which is just about all the RAM I have

Re: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-29 Thread Benjamin Yule
Going off on a slight tangent, is it possible to limit the number of requests per second per remote ip? Similar to how mod_cband will limit the number of requests per vhost/user but limit them for remote users? Thanks Ben In case anyone else runs into the same problem, it turned out that a co

Re: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-25 Thread graham
In case anyone else runs into the same problem, it turned out that a convenient fix was to use mod_evasive, which will temporarily firewall ips based on number of TCP connections. The same Chinese sites are still downloading material, but now in an orderly and manageable way :-) Graham Hamilt

RE: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-23 Thread Bob
hursday, June 21, 2007 7:11 PM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] limiting connections per ip address in apache2 whenunder attack I tried your AliasMatch .* -> /usr/local/www/data/noaccess.htm statement and get syntax error Saying "AliasMatch takes two a

Re: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-21 Thread William A. Rowe, Jr.
Bob wrote:
>
> If this is a real attack then you were found by rolling through a whole
> block of ip address looking for an open port 80.
> Change your apache server to use different port say 7788 instead of port 80
> and then use the free www.zoneedit.com dns service to redirect all FQDN to
> your

Re: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-21 Thread graham
Bob wrote: If this activity continues for more than 10 days then it's not normal search engine indexing but really an attack designed to generate a denial of service situation for your server to stop the Chinese public from accessing you. The Chinese government is known to do this sort of thing t

RE: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-21 Thread Bob
To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] limiting connections per ip address in apache2 whenunder attack I have been running my apache web server in the above described manner for 6 years now without any problems. This technique is described in an apache security book I have. I use a f

Re: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-21 Thread graham
nt: Thursday, June 21, 2007 9:26 AM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] limiting connections per ip address in apache2 whenunder attack Luis Moreira (ESI-GSQP) wrote: This is not an "Apache answer", but it may help you. Do the IPs vary too much, or can you set up a

RE: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-21 Thread Bob
are, if they belong to spam lists, etc > > > May the farce be with you > > > Luis > > > > -Original Message- > From: graham [mailto:[EMAIL PROTECTED] > Sent: quinta-feira, 21 de Junho de 2007 13:47 > To: users@httpd.apache.org > Subject: [EMAIL PROTE

Re: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-21 Thread graham
Unfortunately connlimit is missing from both debian and ubuntu at the moment: https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.20/+bug/60439/+activity Shame, it looked like that was going to be such a neat way to fix the problem... Graham Hamilton Vera wrote: It is just a target

Re: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-21 Thread Hamilton Vera
It is just a target name
$IPTABLES -N logdropdos
$IPTABLES -A logdropdos -j LOG --log-level INFO --log-prefix "[logdropdos]"
$IPTABLES -A logdropdos -j DROP
Just to make the log analysis easier, you can also use "-j DROP" instead. Hamilton Vera int Administrator (char Network[],char Comput

RE: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-21 Thread Luis Moreira (ESI-GSQP)
rg Subject: Re: [EMAIL PROTECTED] limiting connections per ip address in apache2whenunder attack On 6/21/07, Luis Moreira (ESI-GSQP) <[EMAIL PROTECTED]> wrote: > This is not an "Apache answer", but it may help you. > > Do the IPs vary too much, or can you set up a firewall rul

Re: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-21 Thread graham
Hamilton Vera wrote:
> You can try to use iptables, to limit the number of TCP connections
> $IPTABLES -A INPUT -p TCP -i $WAN -s 0/0 --syn --dport 80 -m connlimit --connlimit-above 10 -j logdropdos
Sounds good. What's the 'logdropdos'? I don't seem to have it, and google gives me nothing. Is

Re: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-21 Thread graham
raham [mailto:[EMAIL PROTECTED] Sent: quinta-feira, 21 de Junho de 2007 13:47 To: users@httpd.apache.org Subject: [EMAIL PROTECTED] limiting connections per ip address in apache2 whenunder attack Hi, I've just become involved with a system running apache2.0.55 on ubuntu with linux 2.6.17. The s

Re: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-21 Thread Joshua Slive
On 6/21/07, Luis Moreira (ESI-GSQP) <[EMAIL PROTECTED]> wrote: This is not an "Apache answer", but it may help you. Do the IPs vary too much, or can you set up a firewall rule to block incoming requests (any requests) from those IP ? Sort of your own very personal "black list"? Of course, should

Re: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-21 Thread Hamilton Vera
You can try to use iptables, to limit the number of TCP connections
$IPTABLES -A INPUT -p TCP -i $WAN -s 0/0 --syn --dport 80 -m connlimit --connlimit-above 10 -j logdropdos
Or implement a FreeBSD firewall with QoS, applying shapes to parallel TCP connections. I hope this helps. On Thu, 21

RE: [EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-21 Thread Luis Moreira (ESI-GSQP)
From: graham [mailto:[EMAIL PROTECTED] Sent: quinta-feira, 21 de Junho de 2007 13:47 To: users@httpd.apache.org Subject: [EMAIL PROTECTED] limiting connections per ip address in apache2 whenunder attack Hi, I've just become involved with a system running apache2.0.55 on ubuntu with linux 2.6.17.

[EMAIL PROTECTED] limiting connections per ip address in apache2 when under attack

2007-06-21 Thread graham
Hi, I've just become involved with a system running apache2.0.55 on ubuntu with linux 2.6.17. The system is currently unable to run due to repeated downloads of a large number of pdfs by systems located in China. These are hogging all sockets and eventually causing apache to die (I'm appendi