LiteSpeed Support Forums
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

LiteSpeed Support Forums (http://www.litespeedtech.com/support/forum/index.php)
-   Feedback/Feature Requests (http://www.litespeedtech.com/support/forum/forumdisplay.php?f=10)
-   -   Limit X petitions per Y unit of time (http://www.litespeedtech.com/support/forum/showthread.php?t=6626)

midulc 02-03-2013 03:39 PM
Limit X petitions per Y unit of time
 
http://blog.cherouvim.com/simple-dos...-mod_security/

We need that to be included natively in LiteSpeed.
You must be able to limit for example 5 petitions to all files (excluding types you mention, like .gif, .jpg, or whatever you put in the list) within X seconds. If over that, then ban the ip.

Possible?

NiteWave 02-03-2013 05:21 PM
there is some built-in anti-ddos feature in litespeed:
http://www.litespeedtech.com/docs/we...lientConnLimit

it's efficient and effective in real-world testing, for years.

midulc 02-04-2013 01:24 AM
not effective
 
In fact is not efective. Today attacks are done with a js code that makes a request per second like a real user, this is ran by thousands of computers. So only ways are cookie checking (urgent and great - see my other post) and this method i told you.

If you dont want to improve litespeed just say it but this is really necessary and im thinking about going back to apache and nginx if not added as i need to stop those attacks this way.

NiteWave 02-04-2013 03:10 AM
this looks a good post regarding test cookie:
http://umumble.com/blogs/Infosecurity/538/

litespeed's built-in anti-ddos has been approved to be effective to mitigate DDOS in many scenarios, but of course, it's not effective in all cases.

in fact, litespeed already has javascript based anti-ddos module, but how to use it is not decided yet.

the nginx test cookie module surely will give us a nice reference. Thanks.

midulc 02-05-2013 11:08 AM
When
 
When will you add this feature? As I do need it urgently.

webizen 02-05-2013 12:10 PM
Quote:
Originally Posted by midulc (Post 47258)
http://blog.cherouvim.com/simple-dos...-mod_security/

We need that to be included natively in LiteSpeed.
You must be able to limit for example 5 petitions to all files (excluding types you mention, like .gif, .jpg, or whatever you put in the list) within X seconds. If over that, then ban the ip.

Possible?
Please try the latest 4.2.2 which should support the the rules.

midulc 02-05-2013 12:20 PM
Which rules?
 
Which rules are you talking about?
Can you tell me the exact rules to put?
Im not just talking about this, but also about the cookies module.

webizen 02-05-2013 12:30 PM
It is the rules in that blog in the beginning of the thread which you asked about initially.

no ETA for js-based antiddos functions at this point as NiteWave mentioned.

midulc 02-05-2013 12:31 PM
Ok
 
Can you tell me exactly how to put mod_Security rules? I can't get them working.
I installed cpanel and then the module of litespeed for cpanel, what to putthe rules?
Tried and cannot get them working.
Thanks.

midulc 02-05-2013 12:32 PM
Oh, and..
 
And also, which ip will this restrinct? The Client ip of the header or the remoteaddr?


All times are GMT -7. The time now is 10:12 AM.
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page