Kanstantin Reznichak wrote:
Hello,
One of my servers was affected by a TCP flood attack targeting the HTTP
service (Apache 2.2.8). Short attack description: an attacker opens a
large number of TCP connections to the Apache service and sends a few bytes
(for example, a single “GET / HTTP/1.1” line) on every opened
connection. The HTTP service opens a new process for every such
connection and waits for further input. After a short time, HTTPd
reaches its connection limit and stops responding.
Some of my servers are protected by a state-tracking firewall that
protects them against this kind of attack.
My question: is it possible to configure Apache HTTPd in order to
protect it against these attacks?

Check out mod_limitipconn. You can restrict the number of simultaneous
connections from individual IP addresses.
http://dominia.org/djao/limitipconn.html
--
Justin Pasher
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
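
A defender-side check for the pattern described in this thread, as an added example that is not part of the original messages: it counts established connections to the HTTP port per client address from `netstat -tn`-style output and lists the addresses above a per-IP limit, which is the quantity a per-IP connection cap restricts. The sample connection table, the addresses, the function names and the limit of 3 are constructed for illustration.

```python
from collections import Counter

# Constructed sample in the column layout of `netstat -tn` on Linux:
# Proto Recv-Q Send-Q Local-Address Foreign-Address State
SAMPLE_NETSTAT = """\
tcp        0      0 192.0.2.10:80     203.0.113.7:40112    ESTABLISHED
tcp        0      0 192.0.2.10:80     203.0.113.7:40113    ESTABLISHED
tcp        0      0 192.0.2.10:80     203.0.113.7:40114    ESTABLISHED
tcp        0      0 192.0.2.10:80     203.0.113.7:40115    ESTABLISHED
tcp        0      0 192.0.2.10:80     198.51.100.23:51820  ESTABLISHED
tcp        0      0 192.0.2.10:80     198.51.100.23:51821  TIME_WAIT
tcp        0      0 192.0.2.10:22     203.0.113.7:40990    ESTABLISHED
tcp        0      0 0.0.0.0:80        0.0.0.0:*            LISTEN
"""


def split_endpoint(endpoint):
    """Split 'host:port' on the last colon so IPv6 hosts also work."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), port


def connections_per_ip(netstat_text, port=80, states=("ESTABLISHED",)):
    """Count connections to the local `port` per remote address."""
    counts = Counter()
    for line in netstat_text.splitlines():
        fields = line.split()
        # Skip headers, blank lines and non-TCP sockets.
        if len(fields) < 6 or not fields[0].startswith("tcp"):
            continue
        local, remote, state = fields[3], fields[4], fields[5]
        if state not in states:
            continue  # LISTEN, TIME_WAIT etc. do not hold a worker
        if split_endpoint(local)[1] != str(port):
            continue  # connection to another service
        counts[split_endpoint(remote)[0]] += 1
    return counts


def over_limit(counts, max_conn_per_ip):
    """Return (ip, count) pairs that exceed the per-IP limit."""
    return sorted((ip, n) for ip, n in counts.items() if n > max_conn_per_ip)


if __name__ == "__main__":
    per_ip = connections_per_ip(SAMPLE_NETSTAT)
    for ip, n in over_limit(per_ip, max_conn_per_ip=3):
        print(f"{ip} holds {n} established connections to port 80")
```
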