Using mod_reqtimeout

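<IfModule mod_reqtimeout.c>
  # headers: 20 s to arrive, extended by 1 s per 500 bytes received, up to 40 s
  # body: 20 s to arrive, extended for as long as the client sends at least 500 bytes/s
  RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
</IfModule>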

Using mod_qos

<IfModule mod_qos.c>
   # handle connections from up to 100000 different IPs
   QS_ClientEntries 100000
   # allow only 50 connections per IP
   QS_SrvMaxConnPerIP 50
   # limit the number of active TCP connections to 256
   MaxClients 256
   # disable keep-alive when 180 (70%) TCP connections are occupied
   QS_SrvMaxConnClose 180
   # minimum request/response speed (deny slow clients that block the server by keeping connections open without requesting anything)
   QS_SrvMinDataRate 150 1200
</IfModule>

Using mod_security

<IfModule mod_security2.c>
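# The ip collection must already be initialised (initcol:ip=%{REMOTE_ADDR})
# earlier in phase 1, otherwise the counter below is never stored.

# Count 408 (request timeout) responses per client IP; the counter expires after 60 s
SecRule RESPONSE_STATUS "@streq 408" "phase:5,t:none,nolog,pass,\
setvar:ip.slow_dos_counter=+1,expirevar:ip.slow_dos_counter=60,id:'1234123456'"

# Drop new connections from an IP whose counter is above 5
SecRule IP:SLOW_DOS_COUNTER "@gt 5" "phase:1,t:none,log,drop,\
msg:'Client Connection Dropped due to high number of slow DoS alerts',id:'1234123457'"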
</IfModule>
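
The two mod_security rules above keep a per-IP counter of 408 responses and drop a client once the counter is above 5. The Python below is an added example, not from the original post or the referenced article: it replays that logic over access-log lines to see which clients the rules would have dropped. The function name and the log lines are constructed, and it assumes each 408 re-arms the 60-second expiry.

```python
import re
from datetime import datetime, timedelta, timezone

# Apache common/combined log prefix: client, time, request line, status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" (\d{3}) ')
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"

def flag_slow_clients(lines, threshold=5, expiry=60):
    """Return {ip: time its 408 counter first exceeded threshold}."""
    state = {}      # ip -> (counter, time of last 408)
    flagged = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m.group(3) != "408":
            continue            # only request timeouts feed the counter
        ip, when = m.group(1), datetime.strptime(m.group(2), TIME_FMT)
        count, last = state.get(ip, (0, when))
        # Assumption: every 408 re-arms the expiry, so the counter resets
        # only after `expiry` seconds without a 408 from this IP.
        if (when - last).total_seconds() >= expiry:
            count = 0
        count += 1
        state[ip] = (count, when)
        if count > threshold and ip not in flagged:
            flagged[ip] = when  # mirrors "@gt 5" in the phase:1 rule
    return flagged

# Constructed sample data (documentation IP ranges, not real traffic).
BASE = datetime(2015, 4, 2, 10, 0, 0, tzinfo=timezone(timedelta(hours=8)))

def _line(ip, offset, status):
    t = BASE + timedelta(seconds=offset)
    return f'{ip} - - [{t.strftime(TIME_FMT)}] "-" {status} -'

SAMPLE = (
    # six timeouts ten seconds apart: counter reaches 6
    [_line("203.0.113.7", s, 408) for s in range(0, 60, 10)]
    # six timeouts with a 90 s pause in the middle: counter resets at 3
    + [_line("198.51.100.9", s, 408) for s in (0, 10, 20, 110, 120, 130)]
    # a normal request is ignored
    + [_line("192.0.2.4", 5, 200)]
)

if __name__ == "__main__":
    for ip, when in flag_slow_clients(SAMPLE).items():
        print(f"{ip} would be dropped from {when.isoformat()}")
```

Running it against a real access log before enabling the drop rule shows whether legitimate slow clients would be caught by the threshold.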

Reference: How To Mitigate Slow HTTP DoS Attacks in Apache HTTP Server

Last modified: April 2, 2015
