Difference between revisions of "Apache: Enable Mod QoS"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | Cara ini juga mungkin bisa digunakan untuk mengatasi serangan slowloris | ||
| + | |||
| + | Download | ||
| + | |||
cd /tmp/ | cd /tmp/ | ||
| − | wget http:// | + | wget http://ncu.dl.sourceforge.net/project/mod-qos/mod_qos-10.14.tar.gz |
| − | tar xvfz mod_qos- | + | tar xvfz mod_qos-10.14.tar.gz |
| + | Instalasi paket pendukung | ||
apt-get install apache2-threaded-dev gcc | apt-get install apache2-threaded-dev gcc | ||
| − | cd mod_qos- | + | Compile |
| + | |||
| + | cd mod_qos-10.14/apache2/ | ||
apxs2 -i -c mod_qos.c | apxs2 -i -c mod_qos.c | ||
| + | Konfigurasi | ||
cd /etc/apache2/mods-available/ | cd /etc/apache2/mods-available/ | ||
| + | |||
| + | Edit | ||
| + | |||
vi qos.load | vi qos.load | ||
| + | |||
| + | isi dengan | ||
LoadModule qos_module /usr/lib/apache2/modules/mod_qos.so | LoadModule qos_module /usr/lib/apache2/modules/mod_qos.so | ||
| + | Edit | ||
vi qos.conf | vi qos.conf | ||
| + | |||
| + | Isi dengan | ||
## QoS Settings | ## QoS Settings | ||
| Line 35: | Line 51: | ||
</IfModule> | </IfModule> | ||
| + | Enable mod qos | ||
a2enmod qos | a2enmod qos | ||
Latest revision as of 07:39, 14 March 2013
Cara ini juga mungkin bisa digunakan untuk mengatasi serangan slowloris
Download
cd /tmp/ wget http://ncu.dl.sourceforge.net/project/mod-qos/mod_qos-10.14.tar.gz tar xvfz mod_qos-10.14.tar.gz
Instalasi paket pendukung
apt-get install apache2-threaded-dev gcc
Compile
cd mod_qos-10.14/apache2/ apxs2 -i -c mod_qos.c
Konfigurasi
cd /etc/apache2/mods-available/
Edit
vi qos.load
isi dengan
LoadModule qos_module /usr/lib/apache2/modules/mod_qos.so
Edit
vi qos.conf
Isi dengan
## QoS Settings
<IfModule mod_qos.c>
# handles connections from up to 100000 different IPs
QS_ClientEntries 100000
# will allow only 50 connections per IP
QS_SrvMaxConnPerIP 50
# maximum number of active TCP connections is limited to 256
MaxClients 256
# disables keep-alive when 70% of the TCP connections are occupied:
QS_SrvMaxConnClose 180
# minimum request/response speed (deny slow clients blocking the server, ie. slowloris keeping connections open without requesting anything):
QS_SrvMinDataRate 150 1200
# and limit request header and body (carefull, that limits uploads and post requests too):
# LimitRequestFields 30
# QS_LimitRequestBody 102400
</IfModule>
Enable mod qos
a2enmod qos /etc/init.d/apache2 restart