Prevent Slowloris attack Ubuntu 14.04 apache 2.4

October 29, 2015 1.2k views
Deployment Apache Security DigitalOcean Ubuntu

Hi, I am using 2 GB droplet to host my web application. Here is the details.

OS:Ubuntu 14.04
Web Server: apache 2.4

I installed modqos to prevent Slowloris attack. But in error.log i am getting error
**server version is 2.4 but mod
qos should be used with Apache 2.2 only.**

Is there any need of mod_qos module for apache 2.4? If yes, then what is the suitable configuration for 2GB droplet that i can use to prevent the Slowloris attack.

For now i am using this configuration. Taking a expert advise, please change the configuration that i should use.

## QoS Settings
<IfModule mod_qos.c>
    # handles connections from up to 100000 different IPs
    QS_ClientEntries 100000
    # will allow only 50 connections per IP
    QS_SrvMaxConnPerIP 50
    # maximum number of active TCP connections is limited to 256
    MaxClients              256 
    # disables keep-alive when 70% of the TCP connections are occupied:
    QS_SrvMaxConnClose      180
    # minimum request/response speed (deny slow clients blocking the server, ie. slowloris keeping connections open without requesting anything):
    QS_SrvMinDataRate       150 1200
    # and limit request header and body (carefull, that limits uploads and post requests too):
    # LimitRequestFields      30
    # QS_LimitRequestBody     102400


Be the first one to answer this question.