On Thu, 2009-06-18 at 08:48 +0100, Nick Kew wrote: > On 17 Jun 2009, at 21:59, Julien Pauli wrote: > > > Any suggestions, ideas ? ;) > > OhBugger. I meant to test-drive this before it went (fully) public. > > If you want to be helpful with this, you might like to test-drive > how the following affect this: > * Event MPM over others (and Worker over Prefork) > * AcceptFilters > * mod_evasive and bandwidth modules > on your choice of platform. > I did a little testing with this. All my testing was on FreeBSD 7.2, httpd 2.2.11, with prefork and event MPMs. The tool had few problems DoS'ing a prefork MPM, it normally consumed all resources within the first 10-15 seconds. With event MPM, it barely affected it at all. We've encountered this in the wild - sort of. A misbehaving client was (accidentally) generating hundreds of keep-alive connections, and managed to stop our prefork MPM based proxies from serving any requests. This was the final proof to my manager to allow me to replace them with event MPM proxies :) Nick, do you know how far along httpd 2.3 is? We use event MPM for our client facing reverse proxies, but we still have to use prefork in our organization for our SSL reverse proxies. As I understand the docs, the limitation of mod_ssl not working with event is gone in trunk? Cheers Tom --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|