Skip to main content

Deals You Can't Miss

1 Year Subscription

Apache 2 Webserver Throttling with mod_evasive Module

After installing mod_evasive, you can verify whether the mod_evasive module is enabled by running the following command:
The default configuration file of mod_evasive is located at /etc/apache2/mods-enabled/evasive.conf, which you will need to configure per your requirements. Below is minimal workable configuration: 
  • DOSHashTableSize: mod_evasive uses this option to control the hash table size. It is recommended to increase this if you have a busy web server.
  • DOSPageCount: This option specifies the threshold limit for the number of requests allowed to the same URI per second. Once the threshold limit has been exceeded, the client’s IP address will be blacklisted.
  • DOSSiteCount: This option specifies the limit on the total number of requests allowed to the same IP address.
  • DOSPageInterval: This option specifies the page count interval.
  • DOSSiteInterval: This option specifies the site count interval.
  • DOSBlockingPeriod: This option defines the amount of time in seconds that a client will be blocked.
  • DOSEmailNotify: This option sends an email to the specified address when an IP address has been blacklisted.
  • DOSSystemCommand: Whenever an IP address has been blacklisted, the specified system command will be executed.
  • DOSLogDir: This option defines the mod_evasive log directory.
Further to this, if you are using php deployment that is using mpm_prefork_module (we are using this in one of our project deployments), then the below changes are to be made to this module's config (i.e. /etc/apache2/mods-enabled/mpm_prefork.conf) for the mod_evasive to work:
Basically fix the number of servers to constant by setting
StartServers = MinSpareServers = MaxSpareServers = {your_magic_number} and set MaxConnectionsPerChild=0, so that no new server processes are spawned and no re-cycling of connections happen, allowing Child to hold infinitely many concurrent connections.

Finally, restart the Apache service to implement the changes by executing the following command in terminal: sudo systemctl restart apache2

My Popular Posts

Ten Commandments of Egoless Programming

We are nothing but the values we carry. All through my life thus far, I tried to influence people around me with the virtues I value. Thanks to some good reading habits I had inculcated, and the fortune of being in good community of peers and mentors alike, I managed to have read some real good books. This post is about the 10 commands of egoless programming in Weinberg's book. I shall explain the commandments based on my experience here. So very many decades ago, Gerald M. Weinberg authored  The Psychology of Computer Programming . In it, he listed The Ten Commandments of  Egoless Programming , which remains relevant even today for us as not just programmers but as team-members. Weinberg is regarded as a pioneer in taking a people-centric approach to computing, and his work endures as a good guide to intelligence, skill, teamwork, and problem-solving power of a developer. When they appear to inspire and instruct, we find that they can apply to just about every business area, and e

Should I buy refurbished laptop from Amazon?

This post is based on my experience with and guess it to be true on all other platforms as well. At least you can check out and verify for these pointers before you make that decision to buy renewed/refurbished laptop on Amazon with your hard earned money. I see this question propping up in several forums and on many different occasions. In the recent past, I had my 5 year old dell laptop that gave up because its motherboard failed. One of the options that I had in my mind was to re-use the HDD and the 16GB DDR4 RAM of that old laptop in the one that I purchase next as secondary.  I had come to a conclusion that it is not worth buying a refurbished/renewed laptop at all. Why? For the following reasons, most of which I see as BIG #RedFlags: You got to remember that Amazon provides a platform for 3rd party sellers to sell their products as well. So in your search for refurbished laptops you wouldn’t want to choose some random 3rd party seller who Amazon doesn’t endorse. You cou

Multi-tenant Architectures

  Multi-tenancy Application Deployment Architecture could be modeled in 4 broad ways: Separate Apps & Separate Databases Shared Apps & Shared Databases Separate Apps & Shared Databases Shared Apps & Separate Databases There is no right or wrong here. It's about choice and consequence that you should consider taking into your business context and constraints. In this post I intend to jot down a some key points to keep in mind for each of these multi-tenant architecture. These are more of quick notes for my quick reference, a cheat-sheet of sorts when I have to make choices. And I guess this can come handy to you too in your wise decision making. Separate Apps & Separate Databases Easiest to implement from development and deployment stand-point. Just automate the deployment infrastructure for every tenant for quick set-up. Most expensive of all the models from infrastructure cost stand-point. Relatively longer deployment t