Apache module mod_limitipconn.c is a module which allows web server administrators to limit the number of simultaneous downloads permitted from a single IP address.
To set the IP limit on the server using mod_security.
Check apache version first on server.
httpd -v
Go to the below path
cd /usr/local/src/
Download the mod_limitpconn using the below link. I am having apache version 2.2.22. As per your apache version download the file.
wget http://dominia.org/djao/limit/mod_limitipconn-0.24.tar.bz2
Untar the file
tar -xvf mod_limitipconn-0.24.tar.bz2
Go to that folder
cd mod_limitipconn-0.24
Compile it with apache
make
make install
Check the apache syntax and restart the apache service if it is Ok
httpd -t
/etc/init.d/httpd restart
Add the below lines in httpd.conf
vi /usr/local/apache/conf/httpd.conf
# This command is always needed
ExtendedStatus On# Only needed if the module is compiled as a DSO
LoadModule limitipconn_module lib/apache/mod_limitipconn.so<IfModule mod_limitipconn.c>
# Set a server-wide limit of 10 simultaneous downloads per IP,
# no matter what.
MaxConnPerIP 10
<Location /somewhere>
# This section affects all files under http://your.server/somewhere
MaxConnPerIP 3
# exempting images from the connection limit is often a good
# idea if your web page has lots of inline images, since these
# pages often generate a flurry of concurrent image requests
NoIPLimit image/*
</Location><Directory /home/*/public_html>
# This section affects all files under /home/*/public_html
MaxConnPerIP 1
# In this case, all MIME types other than audio/mpeg and video*
# are exempt from the limit check
OnlyIPLimit audio/mpeg video
</Directory>
</IfModule>
Check the syntax if everything is ok then restart the apache.
httpd -t
/etc/init.d/httpd restart
/etc/init.d/httpd status
Confirm that domains are working on the server. You can select the domain from the below file and try randomly accessing it.
cat /etc/userdomains.
Notes:
This module will not function unless mod_status is loaded and the “ExtendedStatus On” directive is set.
Make sure mod security is already installed on the server using easyapache.
You must log in to post a comment.