[CentOS] Re: centos and apache DOS question

Sun Oct 22 02:35:58 UTC 2006
DamianS <clovis at iinet.net.au>

> The thing I am concerned about is, what if someone decides to do this because they
> want to bring the server down? This seems like a trivial way to execute a DOS.
> 
> So my question really is how do I prevent un-polite people from bringing the
> server down? httpd appears to be consuming all of the available memory when this
> occurs. If I increase the max https processes will that not aggrivate the 
> situation? If I need to add more memory I can do that but I am trying to understand
> exactly what is going on here.
> 
More memory will not help.
You want to restrict the max number of concurrent http connections from
each IP.
This will not prevent a full-scale DOS attack, which could potentially
involve tens of thousands of zombie machines attacking your server.