Re: [users@httpd] SNI SSL per domain?

Sounds like you have mis-structured the config. Per servername - each can and should have its own cert and will be selected via SNI. If there are subadmins beneath each vhost section #include those snippets and they all still fall within the given host name. On Feb 1, 2016 11:21 AM, "Felipe Gaspe

Re: [users@httpd] Re: throttling IP addresses

You can also have look at https://atomicorp.com/ I would recommend install ASL firewall. Thanks Deepak Sharma On Tue, Feb 2, 2016 at 10:49 PM, Wei-min Lee wrote: > There may not be a simple single solution for you. > > Iptables can be used to restrict packets that are coming in at an > excessiv

Re: [users@httpd] Re: throttling IP addresses

There may not be a simple single solution for you. Iptables can be used to restrict packets that are coming in at an excessively high rate Snort can be used to detect and manage intrusion attempts. ~Sent from my Huawei H1511~ On Feb 2, 2016 8:48 AM, "George Genovezos" wrote: > Yes, > > I am re

Re: [users@httpd] Re: throttling IP addresses

What works will depend on your OS, but you may want to look at fail2ban: I think it should be able to do the OS-level firewall management that you need. [your external firewall sounds fairly lame.] > Date: Tuesday, February 02, 2016 16:47:4

Re: [users@httpd] Re: throttling IP addresses

Yes, I am referring to an external firewall. So the idea is to use the web server to proxy external traffic and place an IP hit counter, that would throttle a DDOS attack. Even with a unix firewall, we still need a way to identify the threat and update the firewall. Do you have any thoughts on