You should definitely check the logs to see what's being looked at.. depending upon what it is and who it is there's a variety of things you can do - eg change images to a lower res, or put a forbidden rule into your htaccess files for the page being requested, or firewall off offending IPs (better the further upstream, but even an iptables rule to drop packets could do you good)
as far as config goes, you could change the number of spare processes and maximum threads/process spawned at any one time, turn keepalives on (or off, depending upon the access pattern), turn timeouts down, change the loglevel down, make sure reverse lookups on hostnames are turned off of course if it is legitimate load, look into load balancers and reverse proxies, or both! On 10/3/07, Rick Welykochy <[EMAIL PROTECTED]> wrote: > > Voytek Eymont wrote: > > > I noticed my web server was kind off slow, and, saw this, is this some > > sort of dos attack ? > > If you are using Apache, there is an Apache Status module that > lets you see what is currently executing inside the server. > > Also, tail the web logs (access_log or whatever) to see who is > accessing what. > > > how to control ? > > I am no expert, but if you are getting DDoS'd there ain't much > to do besides ride it out or change your IP. > > > cheer > rickw > > > > -- > _________________________________ > Rick Welykochy || Praxis Services > > Once a new technology starts rolling, if you're not part of the > steamroller, you're part of the road. > -- Stewart Brand > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
