httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <>
Subject Re: [users@httpd] Apache Configuration options to address IE caused Denial of Service
Date Fri, 26 Sep 2003 13:55:18 GMT

On Fri, 26 Sep 2003, E.I.Sarmas wrote:
> So we suggest some form of control by the use of new
> Apache directives that will limit the amount of requests
> per second from a certain IP, say
> max_IP_requests = 1

There are various (third-party) apache modules that can do this sort of
thing: mod_throttle, mod_dos_evasive, mod_bandwidth, etc.  See

But note that this is not nearly as easy as it seems.  In their default
configurations, most browsers make two or three simultaneous requests to a
server to download images, etc.  If you block that, you will slow them
down.  You could also easily have many different clients coming from the
same IP address through a NAT or other type of proxy.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message