Hi, my host deactivated my account a couple of times for 'performance issues'. It appears that many of my users are using a download manager like (IDM) to download files off the server. These download managers make many connections to the (download.php) file, and in some cases the (download.php) is getting hammered and my account gets deactivated. I want to be able to limit the maximum number of simultaneous connections per IP address. There are Apache modules which can do this, but I can't install them since I have a shared account. Is there a way I can resolve this issue? Thanks
Hahahaha, IDM... the things you can find with IDM... Do you have cPanel? Search on Google for how to limit IPs using the system you have.
I do have access to cPanel, and I also have shell access, but there are no built-in tools available to limit # of connections. Most of the tools available are informative only (throttling, # of processes). Currently, I have a PHP script (Anti-Hammer built by corz), but it's not enough as it doesn't catch everything. When a couple of IPs slip by the script, my accounts get deactivated. Anything I can modify in the php.ini? A shell script?
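An added example, not part of the post above and not Anti-Hammer's code: one way to cap simultaneous connections per IP inside download.php itself, with no Apache module, using non-blocking flock() "slots". MAX_PER_IP, SLOT_DIR, acquire_slot() and the file path are assumptions, and REMOTE_ADDR is assumed to be the real client address (no proxy or CDN in front).

```php
<?php
// Added example: per-IP cap on simultaneous downloads via advisory file locks.
// All names and values below are assumed for illustration.
const MAX_PER_IP = 2;                       // assumed limit per client address
const SLOT_DIR   = __DIR__ . '/../dl-slots'; // assumed: private dir outside the web root

/**
 * Try to take one of $max lock slots for $ip.
 * Returns the open handle that holds the lock, or null if every slot is busy.
 */
function acquire_slot(string $ip, int $max, string $dir)
{
    if (!is_dir($dir) && !@mkdir($dir, 0700, true) && !is_dir($dir)) {
        return null; // cannot create the slot dir: fail closed
    }
    $key = hash('sha256', $ip); // never use the raw address as a file name
    for ($i = 0; $i < $max; $i++) {
        $fh = fopen("$dir/$key.$i.lock", 'c');
        if ($fh === false) {
            continue;
        }
        // LOCK_NB: return immediately instead of queueing more PHP processes
        if (flock($fh, LOCK_EX | LOCK_NB)) {
            return $fh; // held until fclose() or until the request ends or aborts
        }
        fclose($fh);
    }
    return null;
}

$ip   = $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0';
$slot = acquire_slot($ip, MAX_PER_IP, SLOT_DIR);
if ($slot === null) {
    http_response_code(429);
    header('Retry-After: 30');
    exit('Too many simultaneous downloads from your address.');
}

// Stand-in for the existing download logic; the lock stays held while bytes are sent.
$file = __DIR__ . '/files/example.zip'; // hypothetical path
if (!is_file($file)) {
    http_response_code(404);
    exit('Not found.');
}
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($file));
readfile($file);

flock($slot, LOCK_UN);
fclose($slot);
```

Because the operating system drops the lock when the request ends, a client that disconnects mid-download frees its slot without any cleanup code. The empty lock files accumulate one set per address, so the slot directory needs occasional pruning.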
Look into mod_limitipconn; it may or may not still be around. nginx, however, does have the ability to limit with its built-in module.
Hi, there is mod_limitipconn, which prevents one user from making lots of connections to your server. mod_cband is another option, but I have never used it. You can also try mod_dosevasive or mod_security. mod_dosevasive can be configured to ban an IP after a specified number of page requests to a site in a specified time frame.
After searching on Google I got a better solution... not sure if it will work... I have not tested this. The lines below I have copied from another forum, not sure if that works.
This is my iptables solution for this kind of issue. Adjust --seconds --hitcount as you need, also iptables table.
iptables -A FORWARD -m state --state NEW -m recent --rcheck --seconds 600 --hitcount 5 --name ATACK --rsource -j REJECT --reject-with icmp-port-unreachable
iptables -A FORWARD -d 192.168.0.113/32 -o eth1 -p tcp -m tcp --dport 80 -m recent --set --name ATACK --rsource -j ACCEPT
Explained:
1) iptables checks if the source IP is listed in the /proc/net/ipt_recent/ATACK file 5 or more times in a 600-second interval and if it's a NEW request. If it is, do a reject; else
2) iptables checks if the request is destined for port 80. If so, print the IP and timestamp to /proc/net/ipt_recent/ATACK and forward the packet.