On Mon, Nov 05, 2007 at 02:30:02AM -0500, Nilesh Bansal wrote: > Hi, > > Thanks Nick. mod_loadavg is not very useful since we have a tomcat > behind the apache proxy doing real heavyweight work. Also mod_evasive > is a bit restrictive since it wants multiple requests to the exact > same URI or exact same apache child. You might want to have a look at mod_qos. -> from the doc: * QS_SrvMaxConnPerIP <number> Defines the maximum number of connections per source IP address. Regs, Christian > > > 20 requests per second from one IP isn't necessarily abuse. Even if > > you don't have pages containing lots of images (thus asking clients > Looking at the log file, you can easily see that it is a malicious > user. For example, client always asks the same url but with an extra > "j" appended in the search query for every new request. Sometimes the > request URL is very long. And 20 searches per second in our > application generates quite a lot of load. > > > Having said that, there are a number of third-party modules to do > > what you're asking. mod_evasive, for example, is designed for > > precisely that purpose. See modules.apache.org for others. > > > There are other approaches you could consider if the real issue > > is a heavyweight application, so that 20/sec is hurting the server. > > For example, mod_load_average can be used to refuse to run the > > heavyweight app and return a "server busy" page instead when the > > load is too high. That way, static stuff will be unaffected by > > the heavy traffic. > > > > -- > > Nick Kew > > > > Application Development with Apache - the Apache Modules Book > > http://www.apachetutor.org/ > > > > --------------------------------------------------------------------- > > The official User-To-User support forum of the Apache HTTP Server Project. > > See <URL:http://httpd.apache.org/userslist.html> for more info. > > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > > > > > > -- > Nilesh Bansal. > http://queens.db.toronto.edu/~nilesh/ > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|