Reaching out to others! Free & Open Source Software, Kannada, L10n, L18n Data Science, Cloud Computing & more…

Many times clients, severely get hit by DDos attacks on their web servers. At first level, we get to identify the domain which is being targeted if you’re looking into a shared hosting server. Once that is done, we can try limiting the number of simultaneous downloads from each IP which is trying to access the web pages. We can also tweak lots of other parameters in Apache. But adding limitation to individual IP made lots of difference to many high volume hosting servers.

This can be achieved by adding a module called mod_limitipconn to apache. Entries related to this module look as follows :

# Only needed if the module is compiled as a DSO
LoadModule limitipconn_module lib/apache/
AddModule mod_limitipconn.c

MaxConnPerIP 3
# exempting images from the connection limit is often a good
# idea if your web page has lots of inline images, since these
# pages often generate a flurry of concurrent image requests
NoIPLimit image/*

MaxConnPerIP 1
# In this case, all MIME types other than audio/mpeg and video*
# are exempt from the limit check
OnlyIPLimit audio/mpeg video

Check these links to learn how to install it for Apache 1.3x and 2.x