Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: need solution against easy kind of flood |
|
| Author |
|
ezekiel87
Joined: 19 May 2010
Posts: 2
|
 Posted: Wed 19 May '10 14:40 Post subject: need solution against easy kind of flood |
 |
|
Hi there,
I'm running a php script (phpbb3 forum) on wampserver 2.0c (which contains apache 2.2.8 ) and noticed that anyone over the internet could easily cause high cpu usage (up to 100%) on my server, just by countinously refreshing any of the pages on the site (keeping F5 key pressed in his browser)
i've searched a bit for a solution, tried limitconn_ip and some other similar modules but nothing worked as expected. I don't know how to compile modules for apache, therefore i couldn't get to try some more.
Please help me, i really need a solution.
Thanks in advance!
Running wampserver 2.0c on windows xp sp2.
some specs: pentium e dual core, 2GB ddr2 ram
The wampserver is pretty much "default" as it was installed, the phpbb script too. |
|
| Back to top |
|
glsmith
Moderator
Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA
|
| Posted: Wed 19 May '10 21:45 Post subject: |
|
|
Wow, a DOS that mod_dosevasive might actually defend against, a first in my book since I do not believe it will help on a true DOS (million clients hammering away at you).
Assuming that some putz is actually doing this to you, have you blocked the offending IP? I admit with dynamic IPs this can be equal to chasing ones tail, but a first step to try anyhow. |
|
| Back to top |
|
ezekiel87
Joined: 19 May 2010
Posts: 2
|
| Posted: Thu 20 May '10 6:17 Post subject: |
|
|
| glsmith wrote: | Wow, a DOS that mod_dosevasive might actually defend against, a first in my book since I do not believe it will help on a true DOS (million clients hammering away at you).
Assuming that some putz is actually doing this to you, have you blocked the offending IP? I admit with dynamic IPs this can be equal to chasing ones tail, but a first step to try anyhow. |
where do i find that module? http://www.nuclearelephant.com/projects/dosevasive/ here it cannot be found (anymore)
no, currently is no one other than me "attacking" my server, but there were people doing this to me in the past and i'm almost sure it will happen again in the future. |
|
| Back to top |
|
glsmith
Moderator
Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA
|
|
| Back to top |
|
glsmith
Moderator
Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA
|
| Posted: Fri 28 May '10 17:56 Post subject: |
|
|
I was putting 2.2.15 on the Atom two days ago, basically just copying from build drive. I have all modules loaded on the build drive to make sure all at least load on new builds, whether they work properly or not is a different matter.
mod_dosevasive happened to be loaded and when I hit a graphic intensive page, it did not load properly. Looking at the logs, I found that after about the 5th connection to download all the little button images mod_dosevasive went off and 403'd everything from that point on with "(Possible DOS Attack)" in the log listing.
Considering forums, CMS/blogs or anything with a editor with a lot of little button graphics, they just might be done in by this module. Something to think about before downloading.
The module can be tweaked with it's available directives, I'm just wondering at what point will a tweak to get sites to load properly drop the defense to the point where it becomes useless against a DOS of the nature in this thread. |
|
| Back to top |
|
|
|
|
|
|
