perl-modperl mailing list archives

From Stas Bekman <s...@stason.org>
Subject Re: Strategy against 'trivial' DOS attacks?
Date Tue, 13 May 2003 01:14:27 GMT
Perrin Harkins wrote:
> On Mon, 2003-05-12 at 18:25, mod_perl@att.net wrote:
> 
>>I then searched for apache module list. There is a patch to create a "Connection
>>Timeout" directive to Apache. Unlike the built-in Timeout, it checks only at the
>>initial connection circle. The patch works fine with Apache 1.23. I set
>>Connection Timeout to be 5 seconds, and it works fine (with 1024 MaxClients).
> 
> 
> That sounds like a good approach.  Ideally, you would also log the IP of
> offending clients here, so you can block them with iptables. 
> Incidentally, this could probably be done entirely in Perl with mod_perl
> 2.

Indeed, in mod_perl 2.0 you can write a PreConnection handler, which happens 
immediately after a connection has been established, before any incoming data is 
processed.

# httpd.conf:
# PerlPreConnectionHandler MyApache::PreConnectionRemoteIP

package MyApache::PreConnectionRemoteIP;

use strict;
use warnings FATAL => 'all';

use Apache::Connection ();

use Apache::Const -compile => qw(OK);

# Runs once per connection, before any request data is read.
sub handler {
    my Apache::Connection $c = shift;

    my $ip = $c->remote_ip;
    # do something with that $ip;
    return Apache::OK;
}

# a module file must return a true value
1;

Hmm, I guess you could close the socket right here, not sure how Apache will 
like it. But you can always return an error code, which will cleanly abort the 
connection (starting from Apache 2.0.45 only, older versions will segfault).

Looks like a good opportunity for a new useful module. All you need is to port 
the existing examples (like Randal's column Perrin has referred to earlier in 
this thread) into this earlier stage. Any takers?

__________________________________________________________________
Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/     mod_perl Guide ---> http://perl.apache.org
mailto:stas@stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com
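
One way to do the port suggested above, as an added example that is not part of the original message: a PreConnection handler that counts connections per client IP, logs offenders and aborts the connection with an error code once a limit is passed. The package name, the limits and the log format are assumptions; the Apache:: names follow the API used in the message (later mod_perl releases use Apache2::, and client_ip on Apache 2.4).

```perl
# httpd.conf: PerlPreConnectionHandler MyApache::ConnThrottle
package MyApache::ConnThrottle;

use strict;
use warnings FATAL => 'all';

use Apache::Connection ();
use Apache::Const -compile => qw(OK FORBIDDEN);

# Assumed policy values, not from the thread; tune per site.
use constant WINDOW      => 10;        # seconds
use constant MAX_CONN    => 20;        # connections per IP per window
use constant MAX_TRACKED => 10_000;    # cap on distinct IPs remembered

# Per-process state: under the prefork MPM each httpd child keeps its own
# table, so the limit applies per child, not per server.
my %seen;    # ip => [ epoch seconds of recent connections ]

# Decision logic, kept separate from Apache so it can be tested on its own.
sub over_limit {
    my ($ip, $now) = @_;
    my $cutoff = $now - WINDOW;

    # Evict idle clients once the table is large, so a flood of distinct
    # source addresses cannot grow this process without bound.
    if (keys(%seen) > MAX_TRACKED) {
        delete @seen{ grep { $seen{$_}[-1] <= $cutoff } keys %seen };
    }

    my $hits = $seen{$ip} ||= [];
    shift @$hits while @$hits && $hits->[0] <= $cutoff;
    # Stop recording once over the limit: the list stays bounded in size.
    push @$hits, $now if @$hits <= MAX_CONN;
    return @$hits > MAX_CONN ? 1 : 0;
}

sub handler {
    my Apache::Connection $c = shift;
    my $ip = $c->remote_ip;

    if (over_limit($ip, time)) {
        # Written to error_log; a log watcher can turn these into iptables rules.
        warn "ConnThrottle: blocked $ip (more than ", MAX_CONN,
             " connections in ", WINDOW, "s)\n";
        return Apache::FORBIDDEN;    # error code aborts the connection
    }
    return Apache::OK;
}

1;
```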

