How can I secure my apache server from DoS attack ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

I have a web server which has CentOS Linux 2.6.18-028stab059.6-ent kernel and Apache 1.3.37 running on it.

2 days back I got one script to test DoS attack on website. It is called slowloris.pl  from http://ha.ckers.org/slowloris/

I run that script against my server and it worked. It stopped my website for some time. That time all other services like SSH were working fine.

Can anybody suggests any configuration changes at Apache and OS/Kernel level to prevent from this type of attack ?

Currently I am using following settings:

Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 0

Then Kernel settings are like :
tcp_keepalive_time 7200
tcp_keepalive_time 9
tcp_keepalive_intvl 75
tcp_syn_retries 5
tcp_synack_retries 5
tcp_fin_timeout 60

-- 
Regards
NeeleshG

LINUX is basically a simple operating system, but you have to be a genius to understand the simplicity
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux