Why is mod_limitipconn-0.23 in Ubuntu 8.04 not working
Markus Schönhaber
ubuntu-users at list-post.mks-mail.de
Thu Jul 17 13:17:51 UTC 2008
Jimmy Snell wrote:
> BTW, I am not sure how Apache and its DSOs work internally. But I
> wonder whether there is a way to achieve the result I expected (refuse
> new HTTP connections from the the attacker's IP)? If it
> cannot done inside Apache or its DSOs, maybe it can be done by adding
> a rule to the system iptables?
I don't know of a way using only the means of httpd, but yes, it can be
done using netfilter's limit match. For an explanation see, for example,
here:
http://iptables-tutorial.frozentux.net/chunkyhtml/x2702.html#LIMITMATCH
Regards
mks
More information about the ubuntu-users
mailing list