Apache: Enable Mod QoS

Cara ini juga mungkin bisa digunakan untuk mengatasi serangan slowloris

Download

cd /tmp/
wget http://ncu.dl.sourceforge.net/project/mod-qos/mod_qos-10.14.tar.gz
tar xvfz mod_qos-10.14.tar.gz

Instalasi paket pendukung

apt-get install apache2-threaded-dev gcc

Compile

cd mod_qos-10.14/apache2/
apxs2 -i -c mod_qos.c

Konfigurasi

cd /etc/apache2/mods-available/

Edit

vi qos.load

isi dengan

LoadModule qos_module /usr/lib/apache2/modules/mod_qos.so

Edit

vi qos.conf

Isi dengan

## QoS Settings
<IfModule mod_qos.c>
    # handles connections from up to 100000 different IPs
    QS_ClientEntries 100000
    # will allow only 50 connections per IP
    QS_SrvMaxConnPerIP 50
    # maximum number of active TCP connections is limited to 256
    MaxClients              256 
    # disables keep-alive when 70% of the TCP connections are occupied:
    QS_SrvMaxConnClose      180
    # minimum request/response speed (deny slow clients blocking the server, ie. slowloris keeping connections open without requesting anything):
    QS_SrvMinDataRate       150 1200
    # and limit request header and body (carefull, that limits uploads and post requests too):
    # LimitRequestFields      30
    # QS_LimitRequestBody     102400
</IfModule>

Enable mod qos

a2enmod qos
/etc/init.d/apache2 restart

Referensi

• http://www.howtoforge.com/how-to-defend-slowloris-ddos-with-mod_qos-apache2-on-debian-lenny

Pranala Menarik

• Apache
• Instalasi Apache
• Konfigurasi Sederhana Virtual Host di Apache
• Apache: Mengatasi Overload
• Apache: Enable Mod Rewrite
• Apache: Mengatasi Serangan Slowloris
• Apache: Enable Mod QoS
• Apache: Keamanan
• Simpel HTTP Server
• phpMyAdmin: exploit information_schema