httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Kew <n...@webthing.com>
Subject Re: [users@httpd] How to prevent from simple DoS?
Date Mon, 19 Nov 2007 19:55:35 GMT
On Mon, 19 Nov 2007 20:19:20 +0100
"Ben Macintosh" <bmac.list@gmail.com> wrote:

> 2007/11/18, Joshua Slive <joshua@slive.ca>:
> 
> > See:
> > http://httpd.apache.org/docs/trunk/misc/security_tips.html#dos
> >
> > The standard solution is a simple firewall rule to control number of
> > connections per ip at some reasonable level.
> 
> I already thought about using a firewall rule. Although it could be
> quite difficult to get it right. As every malicious request blocks a
> slot for 5 minutes there hasn't got to be a lot of traffic/requests.

5 minutes???  Where does that come from?

Maybe you might want to use AcceptFilter to prevent malicious requests
tying anything up for more than a couple of microseconds?

-- 
Nick Kew

Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message