How to rate-limit Apache server on IP basis?
I currently have a custom implementation in PHP/mysql that keeps track of web hits and blocks those that exceed a certain rate for the same IP. I.e. if a given source IP hits the server more than X times in the last Y seconds then it will be served a redirect to a predefined location Z and the normal request processing will be aborted.
It works OK, but puts significant stress on MySQL.
So I was wondering if there is a special tool for this available? Maybe an Apache module or some kind of filter?
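The "more than X hits from one IP in the last Y seconds, then redirect to Z" logic described in the question, as an added in-memory Python example (not the asker's PHP/MySQL code); the class, method names and sample timeline are my own construction:

```python
import time
from collections import defaultdict, deque

class IpRateLimiter:
    """Sliding-window limiter keyed by source IP (hypothetical helper).
    If an IP hits more than max_hits times within window_seconds, the
    request is answered with a redirect to redirect_url instead of being
    processed normally. State lives in memory, not in MySQL."""

    def __init__(self, max_hits, window_seconds, redirect_url, clock=time.monotonic):
        self.max_hits = max_hits
        self.window = window_seconds
        self.redirect_url = redirect_url
        self.clock = clock
        self.hits = defaultdict(deque)  # ip -> timestamps of hits still inside the window

    def check(self, ip, now=None):
        """Record one hit from ip and return (allowed, location).
        location is the redirect target when the limit is exceeded, else None.
        Redirected hits are recorded too, so a client that keeps hammering
        stays redirected until it backs off for a full window."""
        now = self.clock() if now is None else now
        q = self.hits[ip]
        cutoff = now - self.window
        while q and q[0] <= cutoff:  # evict hits that fell out of the window
            q.popleft()
        q.append(now)
        if len(q) > self.max_hits:
            return False, self.redirect_url
        return True, None

    def purge_idle(self, now=None):
        """Forget IPs with no hits inside the window so the table stays bounded.
        Returns the number of entries removed."""
        now = self.clock() if now is None else now
        cutoff = now - self.window
        idle = [ip for ip, q in self.hits.items() if not q or q[-1] <= cutoff]
        for ip in idle:
            del self.hits[ip]
        return len(idle)

def simulate_burst():
    """Constructed sample: 10.0.0.1 sends 5 hits in 4 seconds against a
    limit of 3 hits per 10 seconds, then comes back after the window passed."""
    lim = IpRateLimiter(max_hits=3, window_seconds=10, redirect_url="/ratelimited")
    timeline = [("10.0.0.1", 0.0), ("10.0.0.1", 1.0), ("10.0.0.1", 2.0),
                ("10.0.0.1", 3.0), ("10.0.0.1", 4.0),  # 4th and 5th exceed the limit
                ("10.0.0.2", 4.0),                     # another IP is unaffected
                ("10.0.0.1", 15.0)]                    # old hits evicted, allowed again
    return [lim.check(ip, now=t)[0] for ip, t in timeline]

if __name__ == "__main__":
    print(simulate_burst())
```

Because the table lives in one process, each Apache worker in a prefork setup would count separately; the limit only becomes server-wide when the state is shared or enforced by a module in front of the workers.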
The best
- mod_evasive (Focused more on reducing DoS exposure)
- mod_cband (Best featured for 'normal' bandwidth control)
and the rest
- mod_limitipconn
- mod_bw
- mod_bwshare
One more option - mod_qos
Not simple to configure - but powerful.
http://opensource.adnovum.ch/mod_qos/
You may be able to do this at a lower level with iptables and bypass Apache/MySQL altogether... match and forward to another host/port? I have only dropped:
# Record each new SSH connection attempt from the source IP in the "recent" list
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
# Drop new connections from a source that has already hit this rule 6 times within 60 seconds
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 6 -j DROP