Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Thread Tools Display Modes
Old 4th August 2008, 12:52
Karel Karel is offline
Junior Member
Join Date: Jun 2007
Posts: 12
Thanks: 0
Thanked 1 Time in 1 Post
Default mod_evasive & svn (webdav) (or preventing DoS)


I have a funny problem - I administer a fairly small server which can go crazy when people try to do something very abusive (like downloading all files from one domain through a 10 mbps line, 30+ concurrent connections from one IP, this happened yesterday).

I want to prevent that through mod_evasive. Unfortunately, I also use Apache to serve svn repository, with webdav. The problem is, mod_evasive blocks any repository checkout as DoS attack, and it cannot run only for one virtual host (or be disabled for a single vhost).

So far, I know about three solutions:
1) Run svn via Apache 1 or svnserver - not possible, clients are authenticated against a custom database.

2) Do some magic port forwarding - so that I can whitelist server IP, and forward requests for svn on port to another port on the server to listening Apache, but make it look like that the request is coming from server IP. I tried, and I'm still trying playing with iptables and snat, but so far, I haven't been successful.

3) Use other Apache module? Create iptables script to block "DoS" (read things like FasterFox, web downloaders)? Any other suggestions?

I have to take some action, during normal operations, there are about 20 running Apache childs on my server at maximum, and yesterday, just single idiot succeeded in running another thirty or forty (= full swap, load > 20.0, unresponsive server etc.)
Reply With Quote
Sponsored Links


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT +2. The time now is 08:09.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.