Difference between revisions of "Apache: Enable Mod QoS"

From OnnoWiki
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
DOwnload
+
Cara ini juga mungkin bisa digunakan untuk mengatasi serangan slowloris
 +
 
 +
Download
  
 
  cd /tmp/
 
  cd /tmp/
  wget http://downloads.sourceforge.net/sourceforge/mod-qos/mod_qos8.13-src.tar.gz?use_mirror=freefr
+
  wget http://ncu.dl.sourceforge.net/project/mod-qos/mod_qos-10.14.tar.gz
  tar xvfz mod_qos-8.13-src.tar.gz
+
  tar xvfz mod_qos-10.14.tar.gz
  
 
Instalasi paket pendukung
 
Instalasi paket pendukung
Line 11: Line 13:
 
Compile
 
Compile
  
  cd mod_qos-8.13/apache2/
+
  cd mod_qos-10.14/apache2/
 
  apxs2 -i -c mod_qos.c
 
  apxs2 -i -c mod_qos.c
  

Latest revision as of 07:39, 14 March 2013

Cara ini juga mungkin bisa digunakan untuk mengatasi serangan slowloris

Download

cd /tmp/
wget http://ncu.dl.sourceforge.net/project/mod-qos/mod_qos-10.14.tar.gz
tar xvfz mod_qos-10.14.tar.gz

Instalasi paket pendukung

apt-get install apache2-threaded-dev gcc

Compile

cd mod_qos-10.14/apache2/
apxs2 -i -c mod_qos.c

Konfigurasi

cd /etc/apache2/mods-available/

Edit

vi qos.load

isi dengan

LoadModule qos_module /usr/lib/apache2/modules/mod_qos.so

Edit

vi qos.conf

Isi dengan

## QoS Settings
<IfModule mod_qos.c>
    # handles connections from up to 100000 different IPs
    QS_ClientEntries 100000
    # will allow only 50 connections per IP
    QS_SrvMaxConnPerIP 50
    # maximum number of active TCP connections is limited to 256
    MaxClients              256 
    # disables keep-alive when 70% of the TCP connections are occupied:
    QS_SrvMaxConnClose      180
    # minimum request/response speed (deny slow clients blocking the server, ie. slowloris keeping connections open without requesting anything):
    QS_SrvMinDataRate       150 1200
    # and limit request header and body (carefull, that limits uploads and post requests too):
    # LimitRequestFields      30
    # QS_LimitRequestBody     102400
</IfModule>

Enable mod qos

a2enmod qos
/etc/init.d/apache2 restart


Referensi

Pranala Menarik