Wednesday, October 17, 2012

Apache::LimitIPConn Module Installation

Apache::LimitIPConn - Limit simultaneous connections by an IP address
This package allows a web server administrator to impose limits on the number of simultaneous connections that a single IP address can make to the Apache server.
The Apache::LimitByIPConn module lets you enforce limits on the number of simultaneous downloads allowed from a single IP address. You can also control which MIME types are affected by the limits.
The MaxConnPerIP variable dictates the maximum number of simultaneous connections that each IP address is allowed. Connections in excess ofthis limit will result in a 403 Forbidden response.
The NoIPLimit variable specifies a list of MIME types for which limit
checking is turned off. The OnlyIPLimit variable followed by a list of
MIME types restricts limit checking only to the types specified under
this variable. These MIME types match by prefix, so for example
PerlSetVar NoIPLimit "image"
Turns off limit checking for all MIME types starting with "image",
including "image/jpeg", "image/png", etc. Wildcard matching with ? and * is also supported.
NOTES
The limits defined by Apache::LimitIPConn apply to all IP addresses
connecting to your Apache server. Currently there is no way to set
different limits for different IP addresses.
Proxy clients are treated no differently from regular clients. Overly
restrictive limits will adversely affect the accessibility of your site
from large Internet Service Providers such as AOL that route millions of
users through a small pool of proxy clients.
This module requires Apache::Scoreboard and the configuration setting
"ExtendedStatus On" in the httpd.conf configuration file.

In order to install this module, you'll first need to download and install Apache::Scoreboard from CPAN.

 
Installation Steps 

cd /usr/local/src/

wget http://dominia.org/djao/limit/mod_limitipconn-0.24.tar.bz2


tar -xvf mod_limitipconn-0.24.tar.bz2


cd mod_limitipconn-0.24


make


make install


httpd -t


/etc/init.d/httpd restart


Add the below lines in httpd.conf


vi /usr/local/apache/conf/httpd.conf

============================================
# This command is always needed
ExtendedStatus On
# Only needed if the module is compiled as a DSO
LoadModule limitipconn_module lib/apache/mod_limitipconn.so

# Set a server-wide limit of 10 simultaneous downloads per IP,

# no matter what.
MaxConnPerIP 10

# This section affects all files under http://your.server/somewhere
MaxConnPerIP 3
# exempting images from the connection limit is often a good
# idea if your web page has lots of inline images, since these
# pages often generate a flurry of concurrent image requests
NoIPLimit image/*

# This section affects all files under /home/*/public_html
MaxConnPerIP 1
# In this case, all MIME types other than audio/mpeg and video*
# are exempt from the limit check
OnlyIPLimit audio/mpeg video
============================================
Check the syntax if everything is ok then restart the apache.
httpd -t
/etc/init.d/httpd restart
/etc/init.d/httpd status

No comments:

Post a Comment