-----Original Message----- From: Ashley Sheridan [mailto:ash@xxxxxxxxxxxxxxxxxxxx] Sent: 08 October 2009 04:20 PM To: Gaurav Kumar Cc: Gerardo Benitez; php-general@xxxxxxxxxxxxx Subject: Re: avoid Denial of Service On Thu, 2009-10-08 at 19:40 +0530, Gaurav Kumar wrote: > Not sure what exactly you are looking for. > > Anyways, some common practice are request for API key, username / password > tokens before providing access to a service. > > Thanks, > > Gaurav Kumar > > > On Thu, Oct 8, 2009 at 7:06 PM, Gerardo Benitez <gerardobenitez@xxxxxxxxx>wrote: > > > Hi everybody! > > > > > > I want to get some tips about how avoid a attack of Denial of service. May > > be somebody can about your experience with Php o some configuration of > > apache, o other software that help in these case. > > > > > > Thanks in advance. > > > > > > -- > > Gerardo Benitez > > If you are using Apache there are a bunch of different DoS modules that you can use: http://www.google.co.uk/search?q=apache +dos&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a Also, if you are in full control of the server, you may be able to configure firewalls for this sort of thing. It gets more complex when you're attacked with a DDoS (Distributed Denial of Service) as there's no real hard-and-fast way to prevent them, as they could genuinely be legitimate requests to your server and not attacks. As a distributed attack comes from many sources, you can't reliably differentiate the valid requests from the malicious ones. And then you don't want to block the legitimate requests as you would be denying visitors your service... Angelo http://www.elemental.co.za http://www.wapit.co.za -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
