Apache - Limit max number of simultaneous connections from an external IP?
Solution 1:
I believe that mod_qos is probably going to be the answer to your prayers. I can't provide any specific configuration or recommendations, because I've never actually used it, but it comes with all the knobs you're likely to need.
More generally, iptables is more than capable of handling this sort of thing itself, and it's a far better solution (do networky stuff at the networky level). This is especially true if you want to deal with other protocols as well as HTTP, or only want to apply the limits to a subset of connections.
The iptables command you want is something like
iptables -I INPUT -p tcp --dport 80 -m state --state NEW -m recent --name http --update --seconds 1 --hitcount 5 -j REJECT
iptables -I INPUT -p tcp --dport 80 -m state --state NEW -m recent --name http --set
This will limit incoming connections to 5 per second.
Note, however, that connection limiting can be a real pain for legitimate users who just happen to be heavy users of the site, and it'll only slow down attackers that really aren't a concern anyway. Use with caution.
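To see what those two rules do to a burst of new connections, here is an added Python model of the recent match (written for this page; it is not netfilter code and not part of the answer). It assumes the chain order the two -I commands produce (the --set rule first, then --update ... -j REJECT), the kernel default of 20 stored timestamps per address, and that anything not rejected is accepted; all addresses and timings are constructed.

```python
from collections import defaultdict, deque

# Kernel default for a recent table: the last 20 timestamps per address are kept.
IP_PKT_LIST_TOT = 20


class RecentTable:
    """Minimal model of one xt_recent table (the answer names it 'http')."""

    def __init__(self, max_stamps=IP_PKT_LIST_TOT):
        self.stamps = defaultdict(lambda: deque(maxlen=max_stamps))

    def set(self, addr, now):
        # '--set': record this packet's timestamp for the source address.
        self.stamps[addr].append(now)

    def update(self, addr, now, seconds, hitcount):
        # '--update --seconds S --hitcount N': match when the address has at
        # least N hits in the last S seconds; on a match the kernel also records
        # a fresh timestamp, so a source that keeps retrying stays matched.
        hits = sum(1 for t in self.stamps[addr] if now - t <= seconds)
        if hits >= hitcount:
            self.stamps[addr].append(now)
            return True
        return False


def run_chain(connections, seconds=1, hitcount=5):
    """Apply the answer's two rules to (timestamp, source_ip) new connections.

    Both commands use -I, so the one issued last (--set) sits first in INPUT and
    the --update ... -j REJECT rule second. Returns (time, src, verdict) tuples;
    a connection the REJECT rule does not match is taken as ACCEPT (assumption).
    """
    table = RecentTable()
    verdicts = []
    for now, src in sorted(connections):
        table.set(src, now)
        hit = table.update(src, now, seconds, hitcount)
        verdicts.append((now, src, "REJECT" if hit else "ACCEPT"))
    return verdicts


# Constructed sample: one source opening a connection every 100 ms, an ordinary
# visitor in the middle of that burst, and the first source returning 5 s later.
SAMPLE = [(round(0.1 * i, 1), "198.51.100.7") for i in range(6)] \
    + [(0.45, "203.0.113.20"), (5.0, "198.51.100.7")]

if __name__ == "__main__":
    for now, src, verdict in run_chain(SAMPLE):
        print(f"t={now:4.1f}s  {src:15} {verdict}")
```

Only the fifth and later connections inside the one-second window are rejected, the visitor from another address is untouched, and the same source is accepted again once its hits have aged out of the window.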