9/07/2010

HOWTO: Limit Ip connections

Installing mod_limitipconn.c
http://dominia.org/djao/

Intro
============
This is the distribution page for the Apache module mod_limitipconn.c, which
allows web server administrators to limit the number of simultaneous downloads
permitted from a single IP address.

Why did I write this module? Well, I run an mp3 server which since its
inception was being constantly hosed by people who were trying to download
dozens of files at once. For months I scoured the Internet looking for a code
snippet that would solve this problem. The closest thing I found was this patch
against an old version of Apache, and it didn't run properly on my Linux box
(that was back then; nowadays, the patch doesn't even apply cleanly to the
Apache source tree).

Finally I gave up and decided to write something to do the job myself, and
here's the result.
=================
Log into ssh

cd /usr/src
wget http://dominia.org/djao/limit/mod_li...nn-0.04.tar.gz
tar xzvf mod_limitipconn-0.04.tar.gz
cd mod_limitipconn-0.04

pico Makefile
find the line that reads APXS=apxs[/b]
change that to
APXS=/usr/local/apache/bin/apxs

press cntrl O to save
then cntrl X

// if your locations to apxs is different
locate apxs and copy the path
then paste that in
//

make
make install

service httpd restart

pico -w /etc/httpd/conf/httpd.conf

locate ExtendedStatus
Make sure ExtendedStatus is on and without the comment at the start

and add this line to every virtual directory you want to limit
or add it once to the main directory to limit all



MaxConnPerIP 3
# exempting images from the connection limit is often a good
# idea if your web page has lots of inline images, since these
# pages often generate a flurry of concurrent image requests
NoIPLimit image/*



MaxConnPerIP 1
# In this case, all MIME types other than audio/mpeg and video*
# are exempt from the limit check
OnlyIPLimit audio/mpeg video



press cntrl O to save
then cntrl X
then service httpd restart

No comments:

Post a Comment