Solved

HTTP Flood Denial of Service

Posted on 2007-12-03
3
1,798 Views
Last Modified: 2013-11-16
I'm on Red Hat Linux 5 using the Apache web server.

What are people recommending for protecting against  HTTP flood attacks?

I'd love to have some application that could limit usage by IP address - like allowing only one page load per unique IP address every two seconds.

Does something like this exist?

http://pear.php.net/package/HTTP_FloodControl
0
Comment
Question by:Geoff Millikan
  • 2
3 Comments
 
LVL 1

Accepted Solution

by:
simonbun earned 500 total points
ID: 20463775
Yes, you should look into apache's mod_security (http://www.modsecurity.org/) or mod_evasive (http://www.zdziarski.com/projects/mod_evasive/). Both can do this, but in my experience it was easier to do this with mod_evasive.

regards,
Simon
0
 

Author Comment

by:Geoff Millikan
ID: 20467244
Simon,

Thanks! And I'm sorry, I should have indicated that I'm on Apache/2.2.3.  Looks like mod_evasive doesn't run on 2.2.x  So would you suggest my best option is http://www.modsecurity.org/ 
0
 
LVL 1

Expert Comment

by:simonbun
ID: 20470157
Yes, mod_security has a whole slew of configuration options, allowing very specific settings. Limiting requests by ip / s is possible.
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

It is possible to boost certain documents at query time in Solr. Query time boosting can be a powerful resource for finding the most relevant and "best" content. Of course the more information you index, the more fields you will be able to use for y…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question