John1 wrote:
From reading around on the web, it would seem that MaxClients 150 ought to be enough even for moderately busy web servers. Does anyone else have a view on this? Ron, I can understand your idea of raising MaxClients to help the problem, (although I can't try this myself as my Virtual Server environment restricts the number of concurrent processes I can run).However, I am sure you will agree that raising MaxClients is really a work around rather than a solution to the underlying problem. I can only presume that this problem of scripts looking for security holes hammering websites must be a problem common to every website on the Internet, and therefore presumably every website is bumping up against MaxClients on a regular basis!? I presume that most websites come back to life as soon as the script robot goes away, but even so, all websites will be brought down by this sort of robot for the duration of its visit. So, to get to my point, are there any easy ways to stop these script robots racking up the MaxClients count in the first place. i.e. is there anything in Apache or Apache modules that can be used to spot these "robot attacks" and drop their requests before they cause Apache to spawn loads of processes? I'd be grateful for any ideas, especially as upping the MaxClients setting is not really an option for me. Thanks
Try mod_evasive, or use the robot blocking functionality in interchange, in conjunction with iptables, to drop packets from the malicious IP. Most common robots should not kill your webserver.
Sandy. _______________________________________________ interchange-users mailing list suppressed http://www.icdevgroup.org/mailman/listinfo/interchange-users
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.