apache module

 

Apache module mod_limitipconn.c is a module which allows web server administrators to limit the number of simultaneous downloads permitted from a single IP address.

 

 

To set the IP limit on the server using mod_security.

Check apache version first on server.

httpd -v

Go to the below path

cd /usr/local/src/

Download the mod_limitpconn using the below link. I am having apache version 2.2.22. As per your apache version download the file.

wget http://dominia.org/djao/limit/mod_limitipconn-0.24.tar.bz2


Untar the file

tar -xvf mod_limitipconn-0.24.tar.bz2

Go to that folder

cd mod_limitipconn-0.24

Compile it with apache

make
make install

Check the apache syntax and restart the apache service if it is Ok

httpd -t
/etc/init.d/httpd restart

Add the below lines in httpd.conf

vi /usr/local/apache/conf/httpd.conf

 

# This command is always needed
ExtendedStatus On

# Only needed if the module is compiled as a DSO
LoadModule limitipconn_module lib/apache/mod_limitipconn.so

<IfModule mod_limitipconn.c>

# Set a server-wide limit of 10 simultaneous downloads per IP,
# no matter what.
MaxConnPerIP 10
<Location /somewhere>
# This section affects all files under http://your.server/somewhere
MaxConnPerIP 3
# exempting images from the connection limit is often a good
# idea if your web page has lots of inline images, since these
# pages often generate a flurry of concurrent image requests
NoIPLimit image/*
</Location>

<Directory /home/*/public_html>
# This section affects all files under /home/*/public_html
MaxConnPerIP 1
# In this case, all MIME types other than audio/mpeg and video*
# are exempt from the limit check
OnlyIPLimit audio/mpeg video
</Directory>
</IfModule>

Check the syntax if everything is ok then restart the apache.

httpd -t
/etc/init.d/httpd restart
/etc/init.d/httpd status

Confirm that domains are working on the server. You can select the domain from the below file and try randomly accessing it.

cat /etc/userdomains.

 

Notes:

This module will not function unless mod_status is loaded and the “ExtendedStatus On” directive is set.

Make sure mod security is already installed on the server using easyapache.