Thanks Yannik & Sander. I shall check out
those modules. Shall reply for more if needed.
Cheers !!
Warm regards,
Jacky Wong
Sander Temme wrote:
On Apr 23, 2007, at 2:31 AM, Jacky wrote:
In our production environment, we have 2
apache servers firewalled to accept port 80 and 443 only.
These apache servers will load balanced to 2 of our resin servlet
container. Recently we checked from our logs and verified that there
are certain unwelcomed individuals that did a mass posting to our
apache servers causing our normal operations nearly to a halt.
I would like to ask for advice from the experienced individuals from
this mailing list, what you guys normally do to counter this?
What we are doing right now is blocking them from firewall. Wish to get
some suggestions from this list.
Blocking attacks at the firewall is an excellent and very efficient
approach, if the attacks come from only one or a few IP addresses.
For distributed attacks, you might consider mod_dosevasive and/or
mod_security
http://www.modsecurity.org/
I'm not sure where the current home for dosevasive is.
S.
--Sander Temme
sctemme@xxxxxxxxxx
PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|
