Date: Tue, 25 Nov 2003 17:11:42 +0000 From: Jez Hancock <jez.hancock@munk.nu> To: freebsd-ipfw@freebsd.org, freebsd-questions@freebsd.org Subject: Re: Protecting HTTP Server from D.O.S attacks and Log Watching Message-ID: <20031125171142.GA45539@users.munk.nu> In-Reply-To: <009601c3b36c$ca73c350$110d3ad4@VAHOXP> References: <009601c3b36c$ca73c350$110d3ad4@VAHOXP>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Nov 25, 2003 at 05:57:12PM +0200, Vahric MUHTARYAN wrote: > I want to protect my Web Server from D.O.S attacks like people > make a too many conncection to my web server for buffer overflow example > . > if I use limit option of ipfw Does it possible or Does it true way to > protect . > > For example : > > #ipfw add allow tcp from any to me 80 setup keep-state limit src-addr 30 You could also use an apache module such as mod_throttle or mod_bwshare to throttle incoming connections to the httpd - presuming you're using apache. mod_throttle is in ports, mod_bwshare isn't. -- Jez Hancock - System Administrator / PHP Developer http://munk.nu/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031125171142.GA45539>