LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 03-09-2003, 08:36 AM   #1
newhost
LQ Newbie
 
Registered: Dec 2002
Posts: 5

Rep: Reputation: 0
Limits on certain ip connections.


Hi

when we do a netstat -an I notice sometimes certain ips are logged onto our server up to 20 - 50 or more times each.

My question would be can we restrict the amount of times certain ips can be using a process or logged onto our server.

I have looked at the /etc/security/limits.conf file and would an ip work in there with this?


123.456.789 hard nproc 10

or should we be setting this elsewhere?

running Redhat 7.3 apache server.

thankyou.
 
Old 03-09-2003, 11:45 AM   #2
AltF4
Member
 
Registered: Sep 2002
Location: .at
Distribution: SuSE, Knoppix
Posts: 532

Rep: Reputation: 31
check httpd.conf:

MaxKeepAliveRequests directive
Syntax: MaxKeepAliveRequests number
Default: MaxKeepAliveRequests 100
Context: server config
Status: core
Compatibility: Only available in Apache 1.2 and later.

The MaxKeepAliveRequests directive limits the number of requests allowed per connection when KeepAlive is on. If it is set to "0", unlimited requests will be allowed. We recommend that this setting be kept to a high value for maximum server performance. In Apache 1.1, this is controlled through an option to the KeepAlive directive.

For example

MaxKeepAliveRequests 500
 
Old 03-09-2003, 11:51 AM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594
..next to that, if you run Apache in standalone mode, and want more (finegrained) control, you could look for mod_limitipconn, mod_bandwidth, mod_throttle or mod_bandwidthshare. If for some odd reason you run it tru Xinetd, xinetd can do it's own throttling/limiting. Also Iptables, if you would want to use it for that, can do limiting tru the iplimit module.

What you definately not want is the stuff under /etc/security, cuz that's PAM related, and mostly has to do with restrictions for local users like (u)limiting, time/remote host limits etc etc.
 
Old 03-09-2003, 03:56 PM   #4
newhost
LQ Newbie
 
Registered: Dec 2002
Posts: 5

Original Poster
Rep: Reputation: 0
Thankyou for the quick answers, Ok my httpd.conf

we have about 250 websites on this server with a few heavy users but most low to moderate users.

I did some testing and noticed that after entering the ips that kept showing up over 20 times each I put into my security limits.conf file the loads on the server reduced dramatically. I did further testing and removed those ips and then set the httpd.conf file to "Keep alive On"

the loads on the server shot up 6 - 12 times to what it had been running at,

I have been setting those ips on limits.conf for the previous 24 hours and no complaints of users having any connection problems.

unspawn I will have a look at mod_limitipconn and see if that can work better that my current setup.

thankyou.



#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive Off

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 250

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 15

obviously its turned off
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
no /etc/limits ? Mig21 Slackware 7 07-25-2005 11:18 PM
RAID Limits jtl60047 Linux - General 2 08-21-2004 09:06 PM
/etc/limits doesn't exist hampel Slackware 2 07-15-2003 11:26 AM
CD/RW capacity limits slackerboy Linux - General 14 01-20-2003 01:41 AM
Bandwidth Limits by IP Bomber Linux - Networking 3 01-16-2002 02:42 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 08:28 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration