Problem:
When a DDoS attack or a burst of requests arrives at the same time on my Apache2 web server, the whole server can run out of RAM and crash.
Possible solution:
Limit the number of simultaneous connections to your web server per VirtualHost.
Method:
One simple and effective method, applied directly on the Apache web server, is to use the modules mod_bw (mod_bandwidth) and mod_vhost_limit. I prefer mod_vhost_limit since it is much easier to configure and has proved more effective according to my tests.
Environment:
Compatible with Apache 2.2.xx and Apache 2.4.xx.
Note: For Apache 2.4.xx, the original source code must be patched before compiling the module.
Steps:
Install the build environment tools:
apt-get install build-essential apache2-dev
Download the module sources and extract them:
wget http://apache.ivn.cl/files/source/mod_vhost_limit-0.2.tgz
tar fvxz mod_vhost_limit-0.2.tgz
ONLY FOR Apache 2.4.xx:
Get the patch and apply it to the original source.
Ref: https://github.com/pld-linux/apache-mod_vhost_limit
wget https://github.com/pld-linux/apache-mod_vhost_limit/archive/master.zip
unzip master.zip
cp apache-mod_vhost_limit-master/* mod_vhost_limit-0.2/
cd mod_vhost_limit-0.2/
patch mod_vhost_limit.c < mod_vhost_limit-apache24.patch
cd ..
FOR BOTH Apache 2.2.xx and Apache 2.4.xx:
Compile, install and enable the module:
cd mod_vhost_limit-0.2
/usr/bin/apxs2 -i -a -c mod_vhost_limit.c
service apache2 restart
Use the module in a VirtualHost configuration:
<VirtualHost ......>
...........
# Limits the concurrent requests to 1000 for this vhost
<IfModule vhost_limit_module>
MaxVhostClients 1000
</IfModule>
...........
</VirtualHost>
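
Added example, not part of the original post: a small shell function that reports which VirtualHost blocks actually carry a MaxVhostClients line, so a vhost left without a limit is caught after the change. The function names and the sample configuration are constructed for illustration; the sites-enabled path in the comment is the Debian default and is an assumption.

```shell
#!/bin/sh
# Added example (not from the original page): audit vhost files for MaxVhostClients.
# Prints "<file>:<line> <vhost address> LIMIT=<n|MISSING>" per <VirtualHost> block
# and returns 1 if any block sets no limit. It reads the text only; it does not
# confirm that the module is loaded.
# Typical use (assumed Debian layout): audit_vhost_limits /etc/apache2/sites-enabled/*.conf
audit_vhost_limits() {
    awk '
        # Apache directive names are case-insensitive, so match on a lowercased copy.
        { line = $0; sub(/^[ \t]+/, "", line); low = tolower(line) }
        low ~ /^#/ { next }                          # ignore commented-out directives
        low ~ /^<virtualhost[ \t>]/ {
            in_vh = 1; limit = "MISSING"; start = FNR; file = FILENAME
            name = line; sub(/^<[^ \t>]+[ \t]*/, "", name); sub(/>.*$/, "", name)
            next
        }
        in_vh && low ~ /^maxvhostclients[ \t]+[0-9]+/ {
            split(line, f, /[ \t]+/); limit = f[2]; next
        }
        in_vh && low ~ /^<\/virtualhost>/ {
            printf "%s:%d %s LIMIT=%s\n", file, start, name, limit
            if (limit == "MISSING") missing = 1
            in_vh = 0
        }
        END { exit missing ? 1 : 0 }
    ' "$@"
}

# Constructed sample configuration, for demonstration only.
write_sample_conf() {
    cat > "$1" <<'EOF'
<VirtualHost *:80>
    ServerName limited.example
    <IfModule vhost_limit_module>
        MaxVhostClients 1000
    </IfModule>
</VirtualHost>
<VirtualHost *:80>
    ServerName unlimited.example
    # MaxVhostClients 500
</VirtualHost>
EOF
}
```

Because the directive sits inside <IfModule vhost_limit_module>, it is silently skipped when the module is not loaded, so also confirm that apache2ctl -M lists vhost_limit_module.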