httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [users@httpd] Handling a simple dos attack
Date Fri, 06 Nov 2009 12:09:56 GMT
We occasionally get hit by a miscreant client who will open a large number
of connections and leave them in an open/wait state, using all the available
children. I have more than adequate resources for normal traffic. Limiting
the number of connections from a single source isn't an option because the
nature of our business means that we often have many connections from a
single IP. Right now, we deal with the problem by banning the offending IP
in our firewall and restarting Apache.

How do other people handle this? Is there something more creative I can do
inside Apache? I'm thinking of the way that Postfix handles stress, where it
can decrease time-out values under high load to drop connections more
quickly and keep resources free (I know, it isn't exactly comparable to
http, but still ... ). Can I do something similar with Apache? Suggestions
or pointers to the right docs would be greatly appreciated.

View raw message