Re: [users@httpd] Re: throttling IP addresses

2016-02-01 Thread Spork Schivago
I found a program, ConfigServer Firewall, that's pretty good at helping me secure my servers. It plays nice with iptables and it's fairly easy to configure. It has stuff that autoblocks IPs from bad people and can even download lists of bad IPs and auto-blocks them. On Mon, Feb 1, 2016 at 7:04

Re: [users@httpd] Re: throttling IP addresses

2016-02-01 Thread Richard
Are you referring to a 3rd-party firewall in front of the machine or the OS's firewall. Most *nix system (built-in) firewalls that I've dealt with have a lot of granularity and capabilities. They can certainly do an IP-specific (or range) blocks on one (or all) ports and some can do the throttling

Re: [users@httpd] Re: throttling IP addresses

2016-02-01 Thread Luca Toscano
Hi George, I would also check mod_qos for your use case! Luca Il 01 feb 2016 22:00, "George Genovezos" ha scritto: > Richard, > > I would agree with you that a more elegant solution is required. > Unfortunately the firewall will only block or allow a particular port. > > The correct solution wo

Re: [users@httpd] Re: throttling IP addresses

2016-02-01 Thread George Genovezos
Richard, I would agree with you that a more elegant solution is required. Unfortunately the firewall will only block or allow a particular port. The correct solution would be to implement an IPS solution in front of a firewall, but where in the do more with less phase. George Genovezos Applic

Re: [users@httpd] Re: throttling IP addresses

2016-02-01 Thread Richard
> Date: Monday, February 01, 2016 19:52:51 + > From: George Genovezos > > Hi, > > I’m hoping someone can help with a problem I’m having. I need > a basic Ddos mitigation tool. Basically, either throttling back > certain IP addresses or blocking access after too many connections > per seco

[users@httpd] Re: throttling IP addresses

2016-02-01 Thread George Genovezos
Hi, I’m hoping someone can help with a problem I’m having. I need a basic Ddos mitigation tool. Basically, either throttling back certain IP addresses or blocking access after too many connections per second. I know mod_evasive did this but the project, to my knowledge is deprecated. So to

Re: [users@httpd] SNI SSL per domain?

2016-02-01 Thread Felipe Gasper
On 1 Feb 2016 12:16 PM, Oscar Knorn wrote: On 2016/02/01 Felipe Gasper wrote: Hello, Is it possible to do SNI SSL per domain rather than per vhost? If not, is there a feature request in for this? Thank you! -Felipe Gasper Houston, TX

Re: [users@httpd] SNI SSL per domain?

2016-02-01 Thread Oscar Knorn
On 2016/02/01 Felipe Gasper wrote: > Hello, > > Is it possible to do SNI SSL per domain rather than per vhost? If > not, is there a feature request in for this? > > Thank you! > > -Felipe Gasper > Houston, TX > > - > To uns

[users@httpd] SNI SSL per domain?

2016-02-01 Thread Felipe Gasper
Hello, Is it possible to do SNI SSL per domain rather than per vhost? If not, is there a feature request in for this? Thank you! -Felipe Gasper Houston, TX - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.or