LiteSpeed Technologies
Download Download     Blog Blog     Wiki Wiki     Forum Forum     Store     Contact Contact    

Go Back   LiteSpeed Support Forums > LiteSpeed Web Server > Feedback/Feature Requests > Limit X petitions per Y unit of time

Reply
 
Thread Tools Display Modes
  #1  
Old 02-03-2013, 03:39 PM
midulc midulc is offline
Member
  
Join Date: Jun 2012
Posts: 15
Default Limit X petitions per Y unit of time
http://blog.cherouvim.com/simple-dos...-mod_security/

We need that to be included natively in LiteSpeed.
You must be able to limit for example 5 petitions to all files (excluding types you mention, like .gif, .jpg, or whatever you put in the list) within X seconds. If over that, then ban the ip.

Possible?
Reply With Quote
  #2  
Old 02-03-2013, 05:21 PM
NiteWave NiteWave is offline
LiteSpeed Staff
  
Join Date: Sep 2009
Posts: 2,218
there is some built-in anti-ddos feature in litespeed:
http://www.litespeedtech.com/docs/we...lientConnLimit

it's efficient and effective in real-world testing, for years.
Reply With Quote
  #3  
Old 02-04-2013, 01:24 AM
midulc midulc is offline
Member
  
Join Date: Jun 2012
Posts: 15
Default not effective
In fact is not efective. Today attacks are done with a js code that makes a request per second like a real user, this is ran by thousands of computers. So only ways are cookie checking (urgent and great - see my other post) and this method i told you.

If you dont want to improve litespeed just say it but this is really necessary and im thinking about going back to apache and nginx if not added as i need to stop those attacks this way.
Reply With Quote
  #4  
Old 02-04-2013, 03:10 AM
NiteWave NiteWave is offline
LiteSpeed Staff
  
Join Date: Sep 2009
Posts: 2,218
this looks a good post regarding test cookie:
http://umumble.com/blogs/Infosecurity/538/

litespeed's built-in anti-ddos has been approved to be effective to mitigate DDOS in many scenarios, but of course, it's not effective in all cases.

in fact, litespeed already has javascript based anti-ddos module, but how to use it is not decided yet.

the nginx test cookie module surely will give us a nice reference. Thanks.
Reply With Quote
  #5  
Old 02-05-2013, 11:08 AM
midulc midulc is offline
Member
  
Join Date: Jun 2012
Posts: 15
Default When
When will you add this feature? As I do need it urgently.
Reply With Quote
  #6  
Old 02-05-2013, 12:20 PM
midulc midulc is offline
Member
  
Join Date: Jun 2012
Posts: 15
Default Which rules?
Which rules are you talking about?
Can you tell me the exact rules to put?
Im not just talking about this, but also about the cookies module.
Reply With Quote
  #7  
Old 02-05-2013, 12:10 PM
webizen webizen is offline
LiteSpeed Staff
  
Join Date: Oct 2010
Posts: 2,337
Quote:
Originally Posted by midulc View Post
http://blog.cherouvim.com/simple-dos...-mod_security/

We need that to be included natively in LiteSpeed.
You must be able to limit for example 5 petitions to all files (excluding types you mention, like .gif, .jpg, or whatever you put in the list) within X seconds. If over that, then ban the ip.

Possible?
Please try the latest 4.2.2 which should support the the rules.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -7. The time now is 11:34 AM.



- Archive - Top
© Copyright 2003-2011 LiteSpeed Technologies, Inc. All rights reserved. Privacy Policy.