Please change the following parameters:

Timeout 60
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 4000

Then kernel settings are like:

tcp_keepalive_time=900
tcp_fin_timeout=30
tcp_max_orphans=16384
tcp_tw_reuse=1
tcp_tw_recycle=1
tcp_rfc1337=1
tcp_no_metrics_save=1
tcp_fin_timeout 60
conf.default.rp_filter=1
tcp_syncookies=1
tcp_synack_retries=3
tcp_syn_retries=3

Regards
Amit Maheshwari
Linux System Administrator
New Del

On Tue, Jun 23, 2009 at 5:55 PM, Neelesh Gurjar <neel....@gmail.com> wrote:
> Hi,
> I have a web server which has CentOS Linux 2.6.18-028stab059.6-ent kernel
> and Apache 1.3.37 running on it.
>
> 2 days back I got one script to test DoS attack on website. It is called
> slowloris.pl from http://ha.ckers.org/slowloris/
>
> I ran that script against my server and it worked. It stopped my website
> for some time. That time all other services like SSH were working fine.
>
> Can anybody suggest any configuration changes at Apache and OS/Kernel
> level to prevent this type of attack?
>
> Currently I am using the following settings:
>
> Timeout 300
> KeepAlive On
> MaxKeepAliveRequests 100
> KeepAliveTimeout 5
> MinSpareServers 5
> MaxSpareServers 10
> StartServers 5
> MaxClients 150
> MaxRequestsPerChild 0
>
> Then kernel settings are like:
> tcp_keepalive_time 7200
> tcp_keepalive_time 9
> tcp_keepalive_intvl 75
> tcp_syn_retries 5
> tcp_synack_retries 5
> tcp_fin_timeout 60
>
> --
> Regards
> NeeleshG
>
> LINUX is basically a simple operating system, but you have to be a genius
> to understand the simplicity