[EMAIL PROTECTED] said:
> Well, if the reason you're throttling is to block excessive usage of
> the machine, the full monty of CPU limiting will do that just fine, 

One kind of DOS would not be caught by looking at CPU usage, it is one
that I have experienced a number of times, namely the use of some
misconfigured offline browsing tool that would just open as many
concurrent connections as it can until it has read all pages on your
server. I don't know whether some of these tools are misconfigured out of
the box, or users changed the settings. Some idiots do that even
behind a modem, so the limit is not CPU but bandwidth, as all of
these connections go through the same slow wire. Your CPU
will then be mostly idle, with full IP output queues and all Apache
processes in the "W" state. As soon as one of the requests times out, the
tool opens a new one.

It should be easy to hack Apache::SpeedLimit to count concurrent
accesses instead of number of accesses over a certain time and
lock out the client if it reaches some max number. Is this the
best way to do this or are there better ideas?

Roman Maeder
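
An added example, not part of the original message and not code from Apache::SpeedLimit: a Python model of the two counting schemes the post contrasts (accesses over a time window versus concurrent accesses with a lockout), replayed over a constructed trace. The class names, thresholds and addresses are assumptions chosen for illustration.

```python
import heapq
from collections import defaultdict, deque

class RateLimiter:
    """Accesses per client over a sliding time window."""
    def __init__(self, max_hits, window):
        self.max_hits, self.window = max_hits, window
        self.hits = defaultdict(deque)
    def admit(self, ip, now):
        q = self.hits[ip]
        while q and q[0] <= now - self.window:
            q.popleft()
        q.append(now)
        return len(q) <= self.max_hits
    def release(self, ip):
        pass  # a rate counter does not care when a request ends

class ConcurrencyLimiter:
    """Requests in flight per client, with a lockout once the cap is reached."""
    def __init__(self, max_open, lockout):
        self.max_open, self.lockout = max_open, lockout
        self.open, self.locked_until = defaultdict(int), {}
    def admit(self, ip, now):
        if self.locked_until.get(ip, 0) > now:
            return False
        if self.open[ip] >= self.max_open:
            self.locked_until[ip] = now + self.lockout
            return False
        self.open[ip] += 1
        return True
    def release(self, ip):
        # Must run for every admitted request, including timeouts and aborts,
        # or the count never drains and the client stays blocked.
        self.open[ip] = max(0, self.open[ip] - 1)

def replay(requests, limiter):
    """requests: (start_s, duration_s, ip) tuples. Returns refusals per ip."""
    refused, ending = defaultdict(int), []  # ending: heap of (end_s, ip)
    for start, duration, ip in sorted(requests):
        while ending and ending[0][0] <= start:
            limiter.release(heapq.heappop(ending)[1])
        if limiter.admit(ip, start):
            heapq.heappush(ending, (start + duration, ip))
        else:
            refused[ip] += 1
    return dict(refused)

# Constructed trace: a mirroring tool on a slow link vs. an ordinary browser.
MIRROR, BROWSER = "192.0.2.10", "198.51.100.7"
TRACE = [(t, 300, MIRROR) for t in (0, 300) for _ in range(20)]
TRACE += [(5 + 10 * i, 2, BROWSER) for i in range(6) for _ in range(4)]
```

On this trace `replay(TRACE, RateLimiter(30, 60))` refuses nothing, while `replay(TRACE, ConcurrencyLimiter(8, 60))` refuses 24 of the mirroring tool's 40 requests and none of the browser's. In a multi-process server the per-client counters would have to live in storage shared by all child processes.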
