mirror of
https://github.com/Ponce/slackbuilds
synced 2024-12-02 13:04:42 +01:00
69 lines
2.7 KiB
Text
69 lines
2.7 KiB
Text
From:
|
|
http://www.mail-archive.com/dev@httpd.apache.org/msg37189.html
|
|
|
|
Hi!
|
|
|
|
|
|
Attached is a version of mod_limitipconn.c that works in conjunction with
|
|
mod_cache and httpd-2.2. We've been using this on ftp.acc.umu.se for some
|
|
time now without any unwanted issues.
|
|
|
|
The main problem with mod_limitipconn-0.22 was that since mod_cache runs as
|
|
a quick handler, mod_limitipconn also must run as a quick handler with all
|
|
those benefits and drawbacks.
|
|
|
|
Download the tarball from http://dominia.org/djao/limitipconn2.html , extract
|
|
it, and replace mod_limitipconn.c with this version and follow the build
|
|
instructions.
|
|
|
|
I would really wish that this was made part of httpd, it's really needed when
|
|
running a file-download site due to the scarily large amount of demented
|
|
download manager clients out there.
|
|
|
|
However, I have not received any response from the original author on the
|
|
matter. From what I have understood of the license it should be OK to merge
|
|
into httpd if you want though, but I think that you guys are way more clued
|
|
in that matter than me.
|
|
|
|
This is a summary of the changes made:
|
|
* Rewritten to run as a Quick Handler, before mod_cache.
|
|
* Configuration directives are now set per VHost (Directory/Location
|
|
are available after the Quick Handler has been run). This means that
|
|
any <Location> containers has to be deleted in existing configs.
|
|
* Fixed configuration merging, so per-vhost settings use defaults set
|
|
at the server level.
|
|
* By running as a Quick Handler we don't go through the entire lookup
|
|
phase (resolve path, stat file, etc) before we get the possibility
|
|
to block a request. This gives a clear performance enhancement.
|
|
* Made the handler exit as soon as possible, doing the "easy" checks
|
|
first.
|
|
* Don't do subrequest to lookup MIME type if we don't have mime-type
|
|
specific config.
|
|
* Count connections in closing and logging state too, we don't want to
|
|
be DOS'd by clients behind buggy firewalls and so on.
|
|
* Added debug messages for easy debugging.
|
|
* Reduced loglevel from ERR to INFO for reject-logging.
|
|
|
|
In any case, I hope that this can be of use for others than us.
|
|
|
|
|
|
/Nikke
|
|
--
|
|
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
|
|
Niklas Edmundsson, Admin @ {acc,hpc2n}.umu.se | [EMAIL PROTECTED]
|
|
---------------------------------------------------------------------------
|
|
We are AT&T of Borg, MCI will be assimilated
|
|
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
|
|
|
|
(FWIW: copied without explicit permission)
|
|
|
|
--
|
|
|
|
The module can be loaded with the following in /etc/httpd/httpd.conf
|
|
|
|
LoadModule limitipconn_module lib/httpd/modules/mod_limitipconn.so
|
|
ExtendedStatus On
|
|
MaxConnPerIP 5
|
|
|
|
To test the 'test.pl' utility from mod_evasive is included in the doc dir.
|
|
|