Right now someone is doing a DOS attack on my server via ApacheBench. I created a .htaccess file and put the IP address of the offending system and I emailed a cease and disist email to the offending computer's ISP.

My server is still a little sluggish right now so I'm wondering if I can do anything else in Apache 2.

Also, is it possible to block the IP address from BIND instead of from APache?

I just tweaked Apache recently to handle more traffic. I heard that connection timeout can be set to about 30 might help. So, if anyone has some tips, that would be great. It looks like I need to alternate from high traffic Apache settings to DOS tweaked Apache settings.

If it's just one IP , use iptables to drop him or install a decent firewall like APF which will help.

After installing the apf try configuring the antidos feature which is availabe in the

/etc/apf/ad

You can configure it by editing the conf.antidos. For more details try rfxnetworks site.

Dont forget to install the BFD too. As the APF and BFD can make a good preventive solution for you.

Any links to these firewalls guys?

http://www.rfxnetworks.com/apf.php
http://www.rfxnetworks.com/bfd.php

you may find the following links useful tto..

Apf Installation guide : http://www.crucialparadigm.com/resources/tutorials/secure-server-securing/how-to-install-apf-advanced-policy-firewall.php

Bfd Installation guide :
http://www.crucialparadigm.com/resources/tutorials/secure-server-securing/how-to-install-BFD-brute-force-detection.php

:)

I am sorry, I will stop DOS attacking you. :(

Originally posted by KevinShikel
I am sorry, I will stop DOS attacking you. :(

What does it really mean??

:)