httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Doe <>
Subject Re: [users@httpd] Handling a simple dos attack
Date Fri, 06 Nov 2009 13:58:30 GMT
From: "" <>
>We occasionally get hit by a miscreant client who will open a large number of connections
and leave them in an open/wait state, using all the available children. I have more than adequate
resources for normal traffic. Limiting the number of connections from a single source isn't
an option because the nature of our business means that we often have many connections from
a single IP. Right now, we deal with the problem by banning the offending IP in our firewall
and restarting Apache.  
>How do other people handle this? Is there something more creative I can do inside Apache?
I'm thinking of the way that Postfix handles stress, where it can decrease time-out values
under high load to drop connections more quickly and keep resources free (I know, it isn't
exactly comparable to http, but still ... ). Can I do something similar with Apache? Suggestions
or pointers to the right docs would be greatly appreciated. 

Did you look at ?
An article:



The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message