-
Notifications
You must be signed in to change notification settings - Fork 4
/
README
58 lines (39 loc) · 1.86 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
mod_limits.c
Marian Marinov <[email protected]>
Ideas borrowed from David Jao <[email protected]> (mod_limitipconn).
This apache module is aimed at protecting the web server during attacks.
It provides a few, very usefull, functionalities:
* Limit the maximum number of simultaneous connections
* Limit the maximum number of simultaneous connections per Vhost
* Limit the maximum number of spawned processes with the same UID
* Do not serve request if the load is over certain value
Example configuration:
---------------------------------------------------------------------------
ExtendedStatus On
LoadModule limits_module modules/mod_limits.so
<IfModule mod_limits.c>
LimitMaxConnsPerVhost 20
LimitMaxConnsPerUid 20
LimitMaxConnsPerIP 30
LimitMaxLoadAVG 10
CheckLoadInterval 5
</IfModule>
---------------------------------------------------------------------------
Notes:
This module will not function unless mod_status is loaded and the
"ExtendedStatus On" directive is set.
The limits defined by mod_limits.c apply to all IP addresses
connecting to your Apache server. Currently there is no way to set
different limits for different IP addresses.
Connections in excess of the limit result in a stock 503 Service
Temporarily Unavailable response. The job of returning a more useful
error message to the client is left as an exercise for the reader.
mod_limits sets the LIMITED environment variable to 1 whenever a
request is denied. You can use this variable to distinguish accesses
that have been denied by this module. For example, a line like:
CustomLog /var/log/httpd/access_log common env=!LIMITED
in httpd.conf can be used to suppress logging of denied connections
from /var/log/httpd/access_log.
The options can be used within the main configuration or within
a VirtualHost configuration.
You can have different limits for different vhosts.