Re: [us...@httpd] Rotating logs

2010-11-05 Thread Nerius Landys
There are other ways to rotate Apache logs, too. For example, on my FreeBSD systems, there is something called newsyslog present at the operating system level. There is a file named /etc/newsyslog.conf that has the following lines on my system (I edited the file and added these lines): # logfile

Re: [us...@httpd] configure apache to parse php

2010-08-15 Thread Nerius Landys
> According to the php manual, apache should be configured to parse php, e.g.:
>
>    SetHandler application/x-httpd-php
>
> Apparently this should be part of the addtype directive. I don't understand which file I am to edit and add the code shown above. Can somebody help please?

In my opi

Re: [us...@httpd] slowloris mitigation

2010-04-14 Thread Nerius Landys
> Posted to users@ (as well as dev@) in case anyone wants to
> report experiences - good or bad - on using it.

I have tried using various Apache modules to address possibilities of Slowloris attacks. Finally, after not being satisfied with what existing modules had to offer, I ended up using oper

Re: [us...@httpd] Re: Preventing DoS attacks from single client host

2010-04-06 Thread Nerius Landys
> > You using iptables? What rules did you end up using to accomplish this? > Using OpenBSD's Packet Filter. It's not perfect; I have to set the connection limit quite high (at 36) because the connection state stays in the firewall for about a minute even during the FIN_WAIT_2 stage. Here are my

Re: [us...@httpd] Re: Preventing DoS attacks from single client host

2010-04-04 Thread Nerius Landys
> Isn't it difficult to configure it based on Ip because:
>
> 1. Ip could be of proxy server
> 2. Ip could be of ISP
>
> Would that lead into good requests being denied?

Sometimes, yes, but mostly, no. - The official User-To-User

Re: [us...@httpd] Re: Preventing DoS attacks from single client host

2010-04-04 Thread Nerius Landys
Guys, I think I'll just add Operating System wide firewall rules to disallow more than N number of concurrent TCP connections to port 80 from a single IP address.

Re: [us...@httpd] Re: Preventing DoS attacks from single client host

2010-04-03 Thread Nerius Landys
On Sat, Apr 3, 2010 at 9:09 PM, Nerius Landys wrote:
>>    if (ip_count > conf->limit) {
>>        ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, "Rejected,
>> too many connections in READ state from %s", c->remote_ip);
>>        return OK;
>>

Re: [us...@httpd] Re: Preventing DoS attacks from single client host

2010-04-03 Thread Nerius Landys
>    if (ip_count > conf->limit) {
>        ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, "Rejected,
> too many connections in READ state from %s", c->remote_ip);
>        return OK;
>    } else {
>        return DECLINED;
>    }

I figured out what OK and DECLINED mean. In httpd.h: #define DE

Re: [us...@httpd] Re: Preventing DoS attacks from single client host

2010-04-03 Thread Nerius Landys
> This is called 'slow loris' attack. That'll give you something to Google for
> :)

Thank you so much for the help guys. I did Google "slowloris" and I did indeed find much information. In fact, the program I wrote from scratch does the exact attack described on the slowloris Wikipedia page. An

[us...@httpd] Preventing DoS attacks from single client host

2010-04-03 Thread Nerius Landys
Hi guys. I'm in the process of writing some custom server code that uses TCP sockets. This is totally unrelated to Apache and the HTTP protocol (but please read on, I'll get there). I have quite a bit of experience writing server code that communicates with UDP, but I've had relatively little ex