httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cindy Ballreich <>
Subject Re: question about limiting connections
Date Wed, 17 Jul 2002 17:21:18 GMT
At 07:59 PM 7/16/02 -0700, Michael wrote:
>I've noticed a few times the network link to my apache web server (1.3.22) 
>slows to a crawl.  Looking at the logs a specific person at that time is 
>downloading a file using what looks like a "browser booster" of some 
>sort.  There are multiple file requests (multiple children spawned) for the 
>same file within a millisecond from each other.  My guess is this "booster" 
>is breaking up that target file to boost his download rate while robbing 
>everyone else of theirs.
>I can see this leading to a DOS attack.  Simply choose a large file and 
>download it multiple times with this booster.
>Of course the copout is to not have large files available for web download, 
>but that defeats the purpose of allowing web downloads.
>I was wondering if there is a way to stop this behavior through some server 
>configuration.  I'd like to force this person to only have 1 child process 
>to download their file rather than 5 to 11.

I've had similar problems. What user-agent is giving you the most trouble?

I'm banning a couple of download utilities that have been problems. Here's what I'm doing
(in .htaccess)...

SetEnvIf User-Agent ^NetAnts file_hog
SetEnvIf User-Agent ^GetRight file_hog
Deny from env=file_hog

Generally, I don't feel that download utilities are a bad thing. They can be helpful to some
users. But some (as you point out) have DOS potential, and a few users like to use them to
download the entire web site.

I hope this is helpful.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message