How to rate-limit Apache server on IP basis?

apache-2.2

I currently have a custom implementation in PHP/mysql that keeps track of web hits and blocks those that exceed a certain rate for the same IP. I.e. if a given source IP hits the server more than X times in the last Y seconds then it will be served a redirect to a predefined location Z and the normal request processing will be aborted.

It works OK, but puts significant stress on MySQL.

So I was wondering if there is a special tool for this available? Maybe an Apache module or some kind of filter?


The best

  • mod_evasive (Focused more on reducing DoS exposure)
  • mod_cband (Best featured for 'normal' bandwidth control)

and the rest

  • mod_limitipconn
  • mod_bw
  • mod_bwshare

One more option - mod_qos

Not simple to configure - but powerful.

http://opensource.adnovum.ch/mod_qos/


you may be able to do this at a lower level with iptables and bypass apache/mysql all together.... match and forward to another host / port? i have only dropped:

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 6 -j DROP

Related

rpc over https certificate error
SQL 2008 Memory Usage
Using SELinux to force Linux to allow programs to bind to port numbers lower than 1024
Null bytes in a file created by 2> rotated with logrotate?
apache2 https redirect to http without ssl cert
In Postfix, how do I measure how much traffic is used by each user or domain?
amazon ec2 instance gets timed out
Postfix : Conditional Header Checks
In Apache, is there a way to limit the number of new connections per second/hour/day?
Syslinux: How to correctly configure for UEFI PXE boot?
ipTables: How to improve the current set-up?
Article after 'added' or 'implemented' in software changelogs [closed]