Re: [users@httpd] How to fight a client causing DoS ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, Aug 13, 2005 at 11:32:53AM +0200, Maxim Vexler wrote:
> > > The DoS was caused because a client tried to use one of the popular
> > > spiders to download the whole site.
> > >
> > > I've attached a clip from the error log & the access log (CR/LF terminated).
> > >
> > > As you can see the DoS client can be identified by his IP address.
> > > The same behavior continued for ~8 hours :(
> > >
> > > What can be done to stop the "attack" ?
...
> Sean, thank you for the quick replay.
> Don't you think that a complete block on the client's IP is a too rush tactic?
> It's a legitimate user, his only fault was that he used this spidering
> tool, which had the side effect of DoS on the httpd daemon, I honestly
> don't think the client meant this to occur.
> 
> I would like to note that I'm looking for some kind of automatic tool
> to fight this.
> Maybe a mod for Apache that could reject the client at the httpd
> daemon level on a time based period? the logic behind this is that
> this machine is not frequently monitored and I would prefer some kind
> of automatic solution.

mod_throttle can do this I believe (for Apache 1.3 only).
http://www.snert.com/Software/mod_throttle/#ThrottleClientIP  

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux