On Sunday 28 May 2006 19:23, Sergey Tsalkov wrote: > This is very wrong. I can't figure out why Apache doesn't have any > defense against such an obvious attack -- even the connection limiting > modules can't help because they have no way of knowing that all the > requests are coming from the same IP.
Which ones have you tried? And are you by any chance using the prefork MPM to maximise the cost to you of each connection? Apache 2.2 on some platforms uses connection filters to defend against precisely this kind of attack. -- Nick Kew --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
