Return-Path: <users-return-114813-archive-asf-public=cust-asf.ponee.io@httpd.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id ACAEE200BF7
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Mon,  9 Jan 2017 12:46:26 +0100 (CET)
Received: by cust-asf.ponee.io (Postfix)
	id AB38A160B3E; Mon,  9 Jan 2017 11:46:26 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id CE3BD160B3B
	for <archive-asf-public@cust-asf.ponee.io>; Mon,  9 Jan 2017 12:46:25 +0100 (CET)
Received: (qmail 48880 invoked by uid 500); 9 Jan 2017 11:46:24 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 48835 invoked by uid 99); 9 Jan 2017 11:46:24 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 09 Jan 2017 11:46:24 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 9C9791A8B65
	for <users@httpd.apache.org>; Mon,  9 Jan 2017 11:46:23 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 2.48
X-Spam-Level: **
X-Spam-Status: No, score=2.48 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=2,
	RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01,
	RCVD_IN_MSPIKE_WL=-0.01, RCVD_IN_SORBS_SPAM=0.5] autolearn=disabled
Authentication-Results: spamd2-us-west.apache.org (amavisd-new);
	dkim=pass (2048-bit key) header.d=rcbowen-com.20150623.gappssmtp.com
Received: from mx1-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024)
	with ESMTP id lz_gqCsu_Ccb for <users@httpd.apache.org>;
	Mon,  9 Jan 2017 11:46:22 +0000 (UTC)
Received: from mail-qk0-f194.google.com (mail-qk0-f194.google.com [209.85.220.194])
	by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id EA6CD5F370
	for <users@httpd.apache.org>; Mon,  9 Jan 2017 11:46:21 +0000 (UTC)
Received: by mail-qk0-f194.google.com with SMTP id 11so5921318qkl.0
        for <users@httpd.apache.org>; Mon, 09 Jan 2017 03:46:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=rcbowen-com.20150623.gappssmtp.com; s=20150623;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to;
        bh=iA8FjytB/oFeWHEMqh+GnTgY9cFKTedAh78SY2zk/iE=;
        b=ODHzmtlzlaPW0WLa4pQyoA8jtMzCZCdY13zg3YcP5Ikjm1i8jInIZ+fbIjsPovtXDn
         4wepd7D7vKdkc2G6iZRIuP21W1BjhevFoiArt8+pjsnI+oLbe/rqVsVNC7cOCEx2yomB
         jwZIsqjEpVPZp8vtDAd0oEkYxevmTh4UkdyxFtHpFj2vJqIlC2MnEvtdVb5I0IKKunj4
         3GXisksKU8pvYSDfe1OOH5DhAO28obz2C5Zg9H/05kH5xifYzGkEDpTd/LzstcSb/g6S
         B/ctm8du59PcdsiM9o9T81uLRhtvDxrqF7F81NXr0dE87780Q2CVu7xzAfSH9OkyRP3b
         Yv0g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to;
        bh=iA8FjytB/oFeWHEMqh+GnTgY9cFKTedAh78SY2zk/iE=;
        b=SPte9BslH36T598qOgdFog6+bFARswUH2HfRm+CLSzfEtJMxJAMreVFTjAox+bwnHC
         rknS8olbXaxA4dw9lASY69DZ0+Ng/b0hbuwJ+ap+m9pZwluBRmRYmSByN/8cuJxVDWnS
         ZeDY+8WE40UNRnA0RGX1TqfXsvVHTRyDovlekAqHxm6zN56kGRFZlzrvb8kr2pqxhE2T
         a6k8cgxllkaHmNWIi3csBa76c5AQrYvLgehm8N9pZprsDj5Wkez1WbsqJLeFsQKLtiq1
         YwjLXgruWV6n9ifyyBTqJckeQoCEH/ORdJSyISMARQGT4VyAljVNmXfi0srEuVVqrW59
         i+bw==
X-Gm-Message-State: AIkVDXImRFu755qsrY1WdzqQ8oUTxnpl1VZmHeYYID/J1QvS5Z/y276vVW9Nrx/l1aXPjJ/MYzn/tFxvGFsHtQ==
X-Received: by 10.55.92.199 with SMTP id q190mr84883928qkb.303.1483962381053;
 Mon, 09 Jan 2017 03:46:21 -0800 (PST)
MIME-Version: 1.0
Received: by 10.140.32.200 with HTTP; Mon, 9 Jan 2017 03:46:19 -0800 (PST)
Received: by 10.140.32.200 with HTTP; Mon, 9 Jan 2017 03:46:19 -0800 (PST)
In-Reply-To: <5.2.1.1.2.20161205114642.046ab958@localhost>
References: <CALhNj+SuuOzjGRqnONMEGP41jUeKO2qFanjQA1x1Gy2mwXYEWA@mail.gmail.com>
 <85308eaf-86b6-cd15-8a9c-2bfdcb81f46c@npulse.net> <5.2.1.1.2.20161205114642.046ab958@localhost>
From: Rich Bowen <rbowen@rcbowen.com>
Date: Mon, 9 Jan 2017 06:46:19 -0500
Message-ID: <CAD6VreuM4COa5ZZ1CvcCKsn+cDtp9073AS3uHY0zTuPCL4yKcg@mail.gmail.com>
To: users@httpd.apache.org
Content-Type: multipart/alternative; boundary=001a114e65069542e20545a7ea6b
Subject: Re: [users@httpd] ** MOD_RELEASE ** Apache2.x (mod_fence)
 Flood/DOS/DDOS Protection + stuck detection
archived-at: Mon, 09 Jan 2017 11:46:26 -0000

--001a114e65069542e20545a7ea6b
Content-Type: text/plain; charset=UTF-8

Being under the apache license does not imply any relationship with the
Apache Software Foundation. And in the case of mod_evasive there is none.
As far as I can tell, that module has been abandoned for a number of years.

On Dec 5, 2016 11:52 AM, "Stormy" <stormy22@stormy.ca> wrote:

> At 04:26 PM 12/5/2016 +0100, DaVieS wrote:
>
>> Hi Everyone!
>>
>> As a FullStack I had a very long headache with Apache, especially with
>> crappy and slowly pages, that the PHP stucks (FLOCK() && Session) the
>> processes over-time until the webserver become unavailable meanwhile
>> unfortunately slow pages (1-4 secs) will able to kill the whole webserver
>> with hammering F5 or with external help (with mod_evasive On and/or nginx
>> rate limiting).
>>
>
> On 3 November I posted a question about mod_evasive and here's another
> one. Could someone involved with Apache "background" please advise (on- or
> off-list) if such mods, distributed under the Apache license, have gone
> through any form of QA?
>
> tnx -- paul
>
>
> In the case described before we made a module that only mitigate requests
>> when unfinished jobs remaining in apache and its stopped my headache as
>> well and it is available for public,
>> "Licensed under the Apache License, Version 2.0".
>>
>>
>> (Links below does not contains any advertising)
>>
>> If you are interesting how is it works please visit:
>> https://web-flood-test.npulse.net/
>> If you are interested for source: https://devel.npulse.net/npuls
>> e-public/mod_fence
>> If you are interested for our article about the problem:
>> https://npulse.net/en/apache-php-stuck-session-bug-mod_fence
>> -protection-dos-ddos-protection
>>
>> Feel free to test / use / share and also pull requests are welcome.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

--001a114e65069542e20545a7ea6b
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"auto">Being under the apache license does not imply any relatio=
nship with the Apache Software Foundation. And in the case of mod_evasive t=
here is none. As far as I can tell, that module has been abandoned for a nu=
mber of years.=C2=A0</div><div class=3D"gmail_extra"><br><div class=3D"gmai=
l_quote">On Dec 5, 2016 11:52 AM, &quot;Stormy&quot; &lt;<a href=3D"mailto:=
stormy22@stormy.ca">stormy22@stormy.ca</a>&gt; wrote:<br type=3D"attributio=
n"><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left=
:1px #ccc solid;padding-left:1ex">At 04:26 PM 12/5/2016 +0100, DaVieS wrote=
:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">
Hi Everyone!<br>
<br>
As a FullStack I had a very long headache with Apache, especially with crap=
py and slowly pages, that the PHP stucks (FLOCK() &amp;&amp; Session) the p=
rocesses over-time until the webserver become unavailable meanwhile unfortu=
nately slow pages (1-4 secs) will able to kill the whole webserver with ham=
mering F5 or with external help (with mod_evasive On and/or nginx rate limi=
ting).<br>
</blockquote>
<br>
On 3 November I posted a question about mod_evasive and here&#39;s another =
one. Could someone involved with Apache &quot;background&quot; please advis=
e (on- or off-list) if such mods, distributed under the Apache license, hav=
e gone through any form of QA?<br>
<br>
tnx -- paul<br>
<br>
<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">
In the case described before we made a module that only mitigate requests w=
hen unfinished jobs remaining in apache and its stopped my headache as well=
 and it is available for public,<br>
&quot;Licensed under the Apache License, Version 2.0&quot;.<br>
<br>
<br>
(Links below does not contains any advertising)<br>
<br>
If you are interesting how is it works please visit: <a href=3D"https://web=
-flood-test.npulse.net/" rel=3D"noreferrer" target=3D"_blank">https://web-f=
lood-test.npulse.<wbr>net/</a><br>
If you are interested for source: <a href=3D"https://devel.npulse.net/npuls=
e-public/mod_fence" rel=3D"noreferrer" target=3D"_blank">https://devel.npul=
se.net/npuls<wbr>e-public/mod_fence</a><br>
If you are interested for our article about the problem: <a href=3D"https:/=
/npulse.net/en/apache-php-stuck-session-bug-mod_fence-protection-dos-ddos-p=
rotection" rel=3D"noreferrer" target=3D"_blank">https://npulse.net/en/apach=
e-p<wbr>hp-stuck-session-bug-mod_fence<wbr>-protection-dos-ddos-protectio<w=
br>n</a><br>
<br>
Feel free to test / use / share and also pull requests are welcome.<br>
<br>
------------------------------<wbr>------------------------------<wbr>-----=
----<br>
To unsubscribe, e-mail: <a href=3D"mailto:users-unsubscribe@httpd.apache.or=
g" target=3D"_blank">users-unsubscribe@httpd.apache<wbr>.org</a><br>
For additional commands, e-mail: <a href=3D"mailto:users-help@httpd.apache.=
org" target=3D"_blank">users-help@httpd.apache.org</a><br>
<br>
<br>
</blockquote>
<br>
<br>
------------------------------<wbr>------------------------------<wbr>-----=
----<br>
To unsubscribe, e-mail: <a href=3D"mailto:users-unsubscribe@httpd.apache.or=
g" target=3D"_blank">users-unsubscribe@httpd.apache<wbr>.org</a><br>
For additional commands, e-mail: <a href=3D"mailto:users-help@httpd.apache.=
org" target=3D"_blank">users-help@httpd.apache.org</a><br>
<br>
</blockquote></div></div>

--001a114e65069542e20545a7ea6b--