logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Protect Apache against constant F5
Author
Qmpeltaty



Joined: 06 Feb 2008
Posts: 182
Location: Poland

PostPosted: Thu 24 Oct '13 16:45    Post subject: Protect Apache against constant F5 Reply with quote

Today i was informed that some of Apache instances are vulnerable for serving content while client is constantly pressing F5 button in browsers - once is pressed CPU load is increasing, page became slow etc. (it's dynamic content served by back-end Tomcats). In the same time i see errors with connection between Apache and Tomcats' instances.

Is there any good way to protect Apache against it ?
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7373
Location: Germany, Next to Hamburg

PostPosted: Thu 24 Oct '13 17:37    Post subject: Reply with quote

There ist mod_bw see http://www.apachelounge.com/viewtopic.php?p=20951

if you still have a question please ask again.
Back to top
Qmpeltaty



Joined: 06 Feb 2008
Posts: 182
Location: Poland

PostPosted: Thu 24 Oct '13 17:56    Post subject: Reply with quote

James Blond wrote:
There ist mod_bw see http://www.apachelounge.com/viewtopic.php?p=20951

if you still have a question please ask again.


mod_bw or mod_ratelimit ? I don't want to limit the bandwidth just prevent for f5 refresh abuses - i just want to prevent refreshing the same page more than once per second/few seconds.
Back to top
glsmith
Moderator


Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA

PostPosted: Thu 24 Oct '13 20:17    Post subject: Reply with quote

I think mod_evasive would help best here but if set with too low a threshold, will not distinguish between someone hammering the F5 key or just serving normal content.
Back to top
Qmpeltaty



Joined: 06 Feb 2008
Posts: 182
Location: Poland

PostPosted: Fri 25 Oct '13 11:05    Post subject: Reply with quote

glsmith wrote:
I think mod_evasive would help best here but if set with too low a threshold, will not distinguish between someone hammering the F5 key or just serving normal content.


Yes, you are absolutely right. the hardest part is to determine a threshold properly. Is there any way i could measure the requests/sec based on IP address ?

Question : is it possible to use mod_evasive from apachehouse https://www.apachehaus.net/modules/mod_evasive2/ built with VC 2008 SP1 x64 with apachelounge Apache V10 distro ?
Back to top
glsmith
Moderator


Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA

PostPosted: Fri 25 Oct '13 21:57    Post subject: Reply with quote

Q1: Don't know off hand.

Q2: From what I understand, VC10 is supposed to be able to use VC9 modules without problems.
Back to top
Qmpeltaty



Joined: 06 Feb 2008
Posts: 182
Location: Poland

PostPosted: Mon 28 Oct '13 10:06    Post subject: Reply with quote

glsmith wrote:
Q1: Don't know off hand.

Q2: From what I understand, VC10 is supposed to be able to use VC9 modules without problems.


Is VC9 an equivalent name for VC 2008 ?
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7373
Location: Germany, Next to Hamburg

PostPosted: Mon 28 Oct '13 11:28    Post subject: Reply with quote

Qmpeltaty wrote:


Is VC9 an equivalent name for VC 2008 ?


Yes it is.
Back to top
Qmpeltaty



Joined: 06 Feb 2008
Posts: 182
Location: Poland

PostPosted: Mon 28 Oct '13 14:50    Post subject: Reply with quote

James Blond wrote:
Qmpeltaty wrote:


Is VC9 an equivalent name for VC 2008 ?


Yes it is.


Thank you Steffen. Is there any other way to determine mod_evasive thresholds than by preparing statistics based on access log ??
Back to top


Reply to topic   Topic: Protect Apache against constant F5 View previous topic :: View next topic
Post new topic   Forum Index -> Apache