Re: [CentOS] Re: centos and apache DOS question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Jim Perrin wrote:
>> That part I understand. AFAIK there is no way to stop that kind of thing
>> without the help from the upstream provider.
> 
> There's also an apache module you can use which may help. While it
> won't stop everything, it may help a bit with your current situation.
> http://www.zdziarski.com/projects/mod_evasive/  It's designed to help
> apache deal with brute force DOS attempts.

But do be careful with that one. Though it is designed to look for
"X-Forwarded-For"-Headers by caching proxies, not all proxies set that
header. So you might deny access to people using those proxies. And you
have to look at traffic patterns for your website first, so that you do
not set the access limits too low and deny regular traffic to your
website (if you - for example - have many small images on your website).

Cheers,

Ralph

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux