Re: How can I secure my apache server from DoS attack ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: Re: How can I secure my apache server from DoS attack ?
From: Apache Admin <aamit.apache@xxxxxxxxx>
Date: Wed, 24 Jun 2009 10:19:54 +0530
In-reply-to: <77676f120906230525j4ae79cack7463168028384e89@xxxxxxxxxxxxxx>
Reply-to: users@xxxxxxxxxxxxxxxx

Please Change Following Parameters

Timeout 60

KeepAlive On

MaxKeepAliveRequests 100

KeepAliveTimeout 5

MinSpareServers 5

MaxSpareServers 10

StartServers 5

MaxClients 150

MaxRequestsPerChild 4000

Then Kernel settings are like :

tcp_keepalive_time=900
tcp_fin_timeout=30
tcp_max_orphans=16384
tcp_tw_reuse=1
tcp_tw_recycle=1
tcp_rfc1337=1
tcp_no_metrics_save=1
tcp_fin_timeout 60

conf.default.rp_filter=1
tcp_syncookies=1
tcp_synack_retries=3
tcp_syn_retries=3
Regards

Amit Maheshwari
Linux System Administrator
New Del

On Tue, Jun 23, 2009 at 5:55 PM, Neelesh Gurjar <neel.hjs@xxxxxxxxx> wrote:

Hi,

I have a web server which has CentOS Linux 2.6.18-028stab059.6-ent kernel and Apache 1.3.37 running on it.

2 days back I got one script to test DoS attack on website. It is called slowloris.pl from http://ha.ckers.org/slowloris/

I run that script against my server and it worked. It stopped my website for some time. That time all other services like SSH were working fine.

Can anybody suggests any configuration changes at Apache and OS/Kernel level to prevent from this type of attack ?

Currently I am using following settings:

Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
MinSpareServers 5

MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 0

Then Kernel settings are like :
tcp_keepalive_time 7200

tcp_keepalive_time 9
tcp_keepalive_intvl 75
tcp_syn_retries 5
tcp_synack_retries 5
tcp_fin_timeout 60

--

Regards
NeeleshG

LINUX is basically a simple operating system, but you have to be a genius to understand the simplicity

References:
- How can I secure my apache server from DoS attack ?
  - From: Neelesh Gurjar

Prev by Date: Re: Re:[users@httpd] Seeking knowledge : Apache2 MPM Event and
Next by Date: Apache suddenly stops serving requests, recv() returns -1/errno=EAGAIN forever
Previous by thread: Re: How can I secure my apache server from DoS attack ?
Next by thread: Re: How can I secure my apache server from DoS attack ?
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]

Powered by Linux