How can I prevent Apache DoS flood?

I've configured a server running Apache and a couple of days ago I noticed in the logs that there are bots running endless queries to the site. The logs show that those bots are running about 60 queries per second for about 20 minutes coming from the same IP address. How can I limit the queries and what's the appropriate way of dealing with such bots?

Thanks in advance.


Consider installing rate-limiting software; it will help you to defend not only against lawful bots. You can use mod_evasive for Apache, or you can install Nginx as a frontend and use its HttpLimitZoneModule, which is built in.


I highly recommend the tool fail2ban (http://www.fail2ban.org/); we use it on our own servers and it is amazingly useful for limiting DoS floods for more than just Apache.

fail2ban actively monitors various logs for different patterns (we have ours set to just monitor Apache hits), and if it determines that there are too many hits in a certain amount of time from a specific IP, it will ban that IP for a period you determine (we use a 20 minute ban window).

fail2ban has pre-built packages for most distributions, or you can grab the source; being Python, you don't even need to compile it! :D
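
The "too many hits in a certain amount of time from a specific IP" logic described in the answer above, sketched as an added example (not part of the original answer and not fail2ban's own code). It assumes Apache common/combined log format; the names `find_bans`, `max_hits`, `find_time` and `ban_time` and the thresholds are hypothetical, and the log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Client IP and timestamp from an Apache common/combined log line.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"

def find_bans(lines, max_hits=100, find_time=10, ban_time=1200):
    """Return [(ip, ban_start, ban_end)] for IPs exceeding max_hits
    requests within find_time seconds; ban_time is the ban length (s)."""
    window = timedelta(seconds=find_time)
    recent = defaultdict(deque)   # ip -> timestamps inside the window
    banned_until = {}             # ip -> end of the current ban
    bans = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue              # skip malformed lines
        ip = m.group(1)
        ts = datetime.strptime(m.group(2), TIME_FMT)
        if ip in banned_until and ts < banned_until[ip]:
            continue              # already banned; a firewall would drop this
        hits = recent[ip]
        hits.append(ts)
        while hits and ts - hits[0] > window:
            hits.popleft()        # expire hits older than the window
        if len(hits) > max_hits:
            end = ts + timedelta(seconds=ban_time)
            banned_until[ip] = end
            bans.append((ip, ts, end))
            hits.clear()
    return bans

def sample_log():
    """Constructed sample: one client at 60 req/s for 5 s, one normal client."""
    base = datetime.strptime("10/Oct/2023:13:55:00 +0000", TIME_FMT)
    lines = []
    for i in range(300):
        ts = (base + timedelta(seconds=i // 60)).strftime(TIME_FMT)
        lines.append(f'203.0.113.5 - - [{ts}] "GET /search?q={i} HTTP/1.1" 200 512')
        if i % 60 == 0:
            lines.append(f'198.51.100.7 - - [{ts}] "GET / HTTP/1.1" 200 1024')
    return lines

if __name__ == "__main__":
    for ip, start, end in find_bans(sample_log()):
        print(f"ban {ip} from {start} until {end}")
```

The default `ban_time` of 1200 seconds matches the 20 minute ban window mentioned in the answer; the hit threshold should sit well above what a legitimate client behind a shared NAT address would generate.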