Prevent Slowloris attack Ubuntu 14.04 apache 2.4
Hi, I am using 2 GB droplet to host my web application. Here is the details.
Web Server: apache 2.4
I installed modqos to prevent Slowloris attack. But in error.log i am getting error
**server version is 2.4 but modqos should be used with Apache 2.2 only.**
Is there any need of mod_qos module for apache 2.4? If yes, then what is the suitable configuration for 2GB droplet that i can use to prevent the Slowloris attack.
For now i am using this configuration. Taking a expert advise, please change the configuration that i should use.
## QoS Settings <IfModule mod_qos.c> # handles connections from up to 100000 different IPs QS_ClientEntries 100000 # will allow only 50 connections per IP QS_SrvMaxConnPerIP 50 # maximum number of active TCP connections is limited to 256 MaxClients 256 # disables keep-alive when 70% of the TCP connections are occupied: QS_SrvMaxConnClose 180 # minimum request/response speed (deny slow clients blocking the server, ie. slowloris keeping connections open without requesting anything): QS_SrvMinDataRate 150 1200 # and limit request header and body (carefull, that limits uploads and post requests too): # LimitRequestFields 30 # QS_LimitRequestBody 102400 </IfModule>