07-05-2009, 08:23 PM
Join Date: Jul 2009
Why not set the outbound bandwidth/inbound bandwidth settings? Something like 300K outbound and 10K inbound should do. When under attack you'll also want to lower dynamic requests/second to 1 and connection soft/hard limit to around 10/20. All your other settings look fine during an attack.
Originally Posted by -KaaL-
I was getting tht error while server was getting DDoSed..
so increasing tht would just ease the protection rite?
And i have put the setting you said earlier.. but this is not helping me against attack..
Static Requests/second - 10
Dynamic Requests/second - 2
Outbound Bandwidth (bytes/sec) - 0
Inbound Bandwidth (bytes/sec) - 0
Connection Soft Limit - 20
Connection Hard Limit - 30
Grace Period (sec) - 30
Banned Period (sec) - 3600
Max Connections : 900
Connection Timeout (secs) : 15
Max Keep-Alive Requests : 90
Smart Keep-Alive : Yes
Keep-Alive Timeout (secs) : 3
and yes im talking about the mod_status of apache.. can it work with litespeed? Because i am not getting a log of who are visitng and their Request details on LiteSpeed.
Also as previously mentioned in this thread you'll want to install CSF and use it's connection tracking feature. Based on that graph you posted you should have no problem mitigating that attack with a properly tuned LSWS + CSF setup, assuming you have enough resources and a 100mbit pipe to work with.