On Tue, Dec 14, 2021 at 7:00 AM Grierson, David (Lead Engineer) <david.grier...@sky.uk> wrote: > > Hi, > > I'm running an internal Subversion service making use of the CollabNet > Subversion RPMs to provide this. > > I'm looking to introduce rate limiting to my Subversion service and so want > to build mod_evasive for use within the Apache component of Subversion, to do > so I need to use apxs to compile this, however the CollabNet packages don't > include the "-devel" RPM and so this isn't possible. > > Does anyone know where I can get this or will I have to revert to building > from Subversion from source against the system Apache?
In theory if you got a version of the module built against the same httpd and apr versions it might work but it would probably be a good time to look to change things up. I assume you are on a CentOS/RedHat distro? Are the upstream packages new enough to use? For example, if you have moved to the RHEL 8.x line then the LTS version of Subversion is provided by the distro and would make your life a lot easier. Do you have any reason to believe mod_evasive will do what you want? A Subversion client doing a checkout can look a bit like a DoS attack in terms of sending a lot of GET requests in a short timespan. You could also stick a proxy in front of your server and do the rate limiting there. That could be a good way to trial this out too. As you could just point a specific client at the proxy to make sure svn operations all work OK. Mark
