Protecting HTTP Server from D.O.S attacks and Log Watching
Jez Hancock
jez.hancock at munk.nu
Tue Nov 25 09:11:47 PST 2003
On Tue, Nov 25, 2003 at 05:57:12PM +0200, Vahric MUHTARYAN wrote:
> I want to protect my Web Server from D.O.S attacks like people
> make a too many conncection to my web server for buffer overflow example
> .
> if I use limit option of ipfw Does it possible or Does it true way to
> protect .
>
> For example :
>
> #ipfw add allow tcp from any to me 80 setup keep-state limit src-addr 30
You could also use an apache module such as mod_throttle or mod_bwshare
to throttle incoming connections to the httpd - presuming you're using
apache. mod_throttle is in ports, mod_bwshare isn't.
--
Jez Hancock
- System Administrator / PHP Developer
http://munk.nu/
More information about the freebsd-ipfw
mailing list