用 mod_reqtimeout

<IfModule mod_reqtimeout.c>
  RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
</IfModule>

用 mod_qos

<IfModule mod_qos.c>
   # handle connections from up to 100000 different IPs
   QS_ClientEntries 100000
   # allow only 50 connections per IP
   QS_SrvMaxConnPerIP 50
   # limit maximum number of active TCP connections limited to 256
   MaxClients 256
   # disables keep-alive when 180 (70%) TCP connections are occupied
   QS_SrvMaxConnClose 180
   # minimum request/response speed (deny slow clients blocking the server, keeping connections open without requesting anything
   QS_SrvMinDataRate 150 1200
</IfModule>

用 mod_security

<IfModule mod_security2.c>
SecRule RESPONSE_STATUS "@streq 408" "phase:5,t:none,nolog,pass,
setvar:ip.slow_dos_counter=+1, expirevar:ip.slow_dos_counter=60, id:'1234123456'"

SecRule IP:SLOW_DOS_COUNTER "@gt 5" "phase:1,t:none,log,drop,
msg:'Client Connection Dropped due to high number of slow DoS alerts', id:'1234123457'"
</IfModule>

參考 How To Mitigate Slow HTTP DoS Attacks in Apache HTTP Server

Related posts 相關文章
CVE-2023-44487 HTTP/2 協定漏洞史上最大 DDoS 攻擊
More...
Cloudflare 在 2023 年第一季的 DDOS 報告
More...
遇到 out of memory 後幾個設定減少的方式
More...
NGINX 如何降低、減緩 DDOS 攻擊
More...

作者

留言

撰寫回覆或留言

發佈留言必須填寫的電子郵件地址不會公開。