> The thing I am concerned about is, what if someone decides to do this because they > want to bring the server down? This seems like a trivial way to execute a DOS. > > So my question really is how do I prevent un-polite people from bringing the > server down? httpd appears to be consuming all of the available memory when this > occurs. If I increase the max https processes will that not aggrivate the > situation? If I need to add more memory I can do that but I am trying to understand > exactly what is going on here. > More memory will not help. You want to restrict the max number of concurrent http connections from each IP. This will not prevent a full-scale DOS attack, which could potentially involve tens of thousands of zombie machines attacking your server.