Installing mod_limitipconn.c
http://dominia.org/djao/

Intro
============
This is the distribution page for the Apache module mod_limitipconn.c, which
allows web server administrators to limit the number of simultaneous downloads
permitted from a single IP address.

Why did I write this module? Well, I run an mp3 server which since its
inception was being constantly hosed by people who were trying to download
dozens of files at once. For months I scoured the Internet looking for a code
snippet that would solve this problem. The closest thing I found was this patch
against an old version of Apache, and it didn't run properly on my Linux box
(that was back then; nowadays, the patch doesn't even apply cleanly to the
Apache source tree).

Finally I gave up and decided to write something to do the job myself, and
here's the result.
=================
Log into ssh

cd /usr/src
wget http://dominia.org/djao/limit/mod_limitipconn-0.04.tar.gz
tar xzvf mod_limitipconn-0.04.tar.gz
cd mod_limitipconn-0.04

pico Makefile
find the line that reads APXS=apxs[/b]
change that to
APXS=/usr/local/apache/bin/apxs

press cntrl O to save
then cntrl X

// if your locations to apxs is different
locate apxs and copy the path
then paste that in
//

make
make install

service httpd restart

pico -w /etc/httpd/conf/httpd.conf

locate ExtendedStatus
Make sure ExtendedStatus is on and without the comment at the start

and add this line to every virtual directory you want to limit
or add it once to the main directory to limit all

<IfModule mod_limitipconn.c>
<Location /somewhere>
MaxConnPerIP 3
# exempting images from the connection limit is often a good
# idea if your web page has lots of inline images, since these
# pages often generate a flurry of concurrent image requests
NoIPLimit image/*
</Location>

<Location /mp3>
MaxConnPerIP 1
# In this case, all MIME types other than audio/mpeg and video*
# are exempt from the limit check
OnlyIPLimit audio/mpeg video
</Location>
</IfModule>

press cntrl O to save
then cntrl X
then service httpd restart

Thats great.

Very good.
Someday i ll need to use it.
Tnks

i have followed all of the instructions above but it still did not work.

I did change the location /somewhere to the directory I want to limit

Any ideas to correct that? please help

I've only managed to get it working under each seperate virtual host and in that I have something like this.

<IfModule mod_limitipconn.c>
<Location />
MaxConnPerIP 3
NoIPLimit image/*
</Location>
</IfModule>

hope that helps

Thanks man.

I have had similar problems lately. This should do the trick.

Good luck.

I got ERROR 404 when downloading. Can you update the latest? Thanks!

[/usr/src]# wget http://dominia.org/djao/limit/mod_l...onn-0.04.tar.gz
--01:24:31-- http://dominia.org/djao/limit/mod_l...onn-0.04.tar.gz
=> `mod_l...onn-0.04.tar.gz'
Resolving dominia.org... done.
Connecting to dominia.org[18.208.0.43]:80... connected.
HTTP request sent, awaiting response... 404 Not Found
01:24:31 ERROR 404: Not Found.

The creator david, has updated the link, (not me)http://dominia.org/djao/limit/contrib/sbarta/mod_limitipconn.c

I dont think this will come out as a full url so right mouse click copy shortcut and then

wget url

how is the setting i should use to limit zip files download? most of my sites anime and video files are in zipped.

Someday i ll need to use it.
Thanks

Blueheaven, that really looks great
What is the logic you are using here?

i cant make it work with my wma and wmv files :(

ok , do this trick
<IfModule mod_limitipconn.c>
<Location />
MaxConnPerIP 3
NoIPLimit image/*
</Location>
</IfModule>
and i got this work . Very cool apache mod . :)

And after 2 day of using this mod , i found out a very very big problem . Some users who have same ip class and netmask like aol will be all limit at 3 connection . Anyway we can fix this ?

what percentage of people are on aol?

Limiting ip's seems to be really only good if you have tons of traffic, like if you have too much traffic, that it slows your webpages down.

for example if I don't use this mod, my webpages takes 10* longer to load

Blueheaven, you potentially saved a big crisis for me with this. I need to implement this ASAP.

Namely... I have a website with a really badly written auction script. With this script, it is extremely easily to burst server load up. One IP with several connections to that site bursts server load.

I was thinking of using mod_bandwidth to limit number of connections per site, which is a solution that is really not too adequate.

For this... LOL if you were near a good meal and a six-pack would be in order ;)

The problem is not only AOL users behind a firewall , some another isp also have same issue .

After re-read again a README file , i found out a solution :

---------------
Proxy client tracking

By default, all clients behind a proxy are treated as coming from the
proxy server's IP address. If you patch Apache with the included patch
and configure with --with-forward and rebuild, the real IP addresses
of clients behind proxies are correctly detected. You will need to
either compile statically or compile with -DRECORD_FORWARD.

If you don't patch the server, DO NOT compile with RECORD_FORWARD
defined. The module will still function, but it will not recognize
clients behind proxies.
---------------------
But i dont clearly and understand enough to path this . It will very nice if someone can have a How To for this path .
I am using apache 1.3 , cpanel , CentOS
Hope there are someone :D

Anyone faced performance problems with this patch !!

HEHEHEHEHEHE!

We had a sicko on one large site (the site from my previous post - lots of SELECT * unoptimized mySQL queries and lots of database reads) that just got his cable connection and was abusing it with some script lifting server loads every day around 7-9 PM.

Put this module in, no problems anymore.

Thanks, Blueheaven!

I have been using mod_limitipconn.c for over 1 year.
It will increase CPU use by 5% on apache 2.0.52 and with 2-3% on apache 1.3.x

But, it works wonders for my server where I want resources for game server, not web server and stops web spamming scipt kiddies.

A must have!

Does anyone checked how ModIpConn works with this vhost patch:
http://dominia.org/djao/limit/contrib/mc/README
http://dominia.org/djao/limit/contrib/mc/mod_limitipconn-0.04-vhost.patch

I need it badly to limit connections per VHOST parameter and not per location folder, but I see that this patch only have version of 0.03 while main mod version is 0.04 so I am afraid to install it on production server.
Did anyone test how this patch works to limit ip connections per Vhost?

would anyone be willing to install this for me cuz im a n00b to this of course i would be willing to pay

Hello,
Just wanted to say that the pico command doesn't work with CentOS, i used vi.
I got stuck at this command:
make
make install

returns:
make: /usr/local/apache/bin/apxs: Command not found
make: *** [mod_limitipconn.so] Error 127

could anyone help please :x im running CentOS

If you don't have the apxs, then you will need to download and install the httpd-devel package for your OS, then the apxs should be there.

Before doing this, please search your system (like with locate or whatever) to make sure, or do 'rpm -q httpd-devel' and see if it returns a package/version name.

thank you very much

Just wanted to say that the pico command doesn't work with CentOS

Tha'd b e because of UW licensing issues. It's been like this at least since redhat 8 (psyche), and probably longer You can get and build the pico command from their homepage (http://freshmeat.net/redir/pico/8078/url_tgz/pine.tar.gz), or you can use nano, which is a decent clone.

make: /usr/local/apache/bin/apxs: Command not found

That will work on CPanel and DirectAdmin servers. If you're not using either, then you will need to find the correct apxs script for your distro. Type locate apxs and you'll find it (if it's there). If that returns nothing, then you probably need to install the -devel packages as suggested earlier :)

How could I add custom extensions to be restricted? Great mod, i'm sure it'll help my server loads. Thanks!

I compiled it using the method on this tutorial then later compiled again with the "proxy client tacking" feature. Would this break things on the server?

the "enable proxy client detection feature" in mod_limitipconn breaks the Apache config :( My Apache is 1.3.34. I patched using:

patch -p1 < ../mod_limitipconn-0.04/apachesrc.diff
cp ../mod_limitipconn-0.04/mod_limitipconn.c src/modules/extra/
./configure --activate-module=src/modules/extra/mod_limitipconn.c --with-forward
make
make install



/etc/init.d/httpd restart: httpd not running, trying to start
Syntax error on line 209 of /usr/local/apache/conf/httpd.conf:
Invalid command 'LoadModule', perhaps mis-spelled or defined by a module not included in the server configuration

It breaks the LoadModule, tech support had to recompile Apache to fix the problem. Anyone know how to get around this problem after installing the proxy detection feature?

Other people have the same problem after modifying apache conf.

http://groups.google.com/group/comp.infosystems.www.servers.unix/browse_thread/thread/74652490bc1de5ab/0eff93ff05584f9a?lnk=st&q=Invalid+command+'LoadModule'&rnum=1&hl=en#0eff93ff05584f9a

http://groups.google.com/group/comp.infosystems.www.servers.unix/browse_thread/thread/27190fe6c3c4e512/cb934b51967edb5f?lnk=st&q=Invalid+command+'LoadModule'&rnum=6&hl=en#cb934b51967edb5f

sorry for making many consecutive posts.

> patch -p1 < /usr/src/mod_limitipconn-0.04/apachesrc.diff

patching file configure
Hunk #1 succeeded at 415 (offset -39 lines).
patching file src/include/scoreboard.h
Hunk #1 succeeded at 115 (offset -43 lines).
patching file src/main/http_main.c
Hunk #1 succeeded at 2603 (offset 42 lines).
Hunk #2 succeeded at 2606 (offset 5 lines).
patching file src/modules/standard/mod_status.c
Hunk #1 succeeded at 463 with fuzz 2 (offset -23 lines).
Hunk #2 FAILED at 658.
1 out of 2 hunks FAILED -- saving rejects to file src/modules/standard/mod_status.c.rej


not sure what's going on..

I am having some difficulties with this program even though it seems my server meets the requirements.
I am using:

WHM 10.8.0 cPanel 10.8.1-R30
RedHat 9 i686 - WHM X v3.1.0

also httpd-devel is installed since i used the command rpm -1 httpd-devel to check.

root@serv [/usr/src/mod_limitipconn-0.04]# rpm -q httpd-devel
httpd-devel-2.0.40-21

I went into SSH ftp to check if my APXS file is located in the actual directory and indeed apxs is in usr/local/apache/bin/apxs, however when i use the command "make" I still get this error:

root@serv [/usr/src/mod_limitipconn-0.04]# make
/usr/local/apache/bin/apxs -c mod_limitipconn.c
make: /usr/local/apache/bin/apxs: Command not found
make: *** [mod_limitipconn.so] Error 127

is there an explaination for this failure?

<IfModule mod_limitipconn.c>
<Location /somewhere>
MaxConnPerIP 3
# exempting images from the connection limit is often a good
# idea if your web page has lots of inline images, since these
# pages often generate a flurry of concurrent image requests
NoIPLimit image/*
</Location>

<Location /mp3>
MaxConnPerIP 1
# In this case, all MIME types other than audio/mpeg and video*
# are exempt from the limit check
OnlyIPLimit audio/mpeg video
</Location>
</IfModule>


Is /somewhere something I have to leave alone, or its I should make it the parent, e.g.: /home?

Also I am using apache 2, everything is OK, but I cant find ExtendedStatus in httpd.conf, but I can find the mod_status:

<Location /server-status>
SetHandler server-status

Order Deny,Allow
Deny from all
Allow from .foo.com
</Location>

So I should add the ExtendedStatus to that section and uncomment it all?

thanks,

Peace,

mod_limitipconn.c
Scott Barta Partially fixes the problem of dangling browser connections counting towards the download limit.

how do I use the updated version?

I get this when i try to compile it:

[root@neptune mod_limitipconn-0.04]# make
/usr/local/apache2/bin/apxs -c mod_limitipconn.c
/usr/local/apache2/build/libtool --silent --mode=compile gcc -prefer-pic -DAP_HAVE_DESIGNATED_INITIALIZER -DLINUX=2 -D_REENTRANT -D_XOPEN_SOURCE=500 -D_BSD_SOURCE -D_SVID_SOURCE -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/apache2/include -I/usr/local/apache2/include -I/usr/local/apache2/include -c -o mod_limitipconn.lo mod_limitipconn.c && touch mod_limitipconn.slo
mod_limitipconn.c:39: error: syntax error before "limitipconn_module"
mod_limitipconn.c:39: warning: data definition has no type or storage class
mod_limitipconn.c:43: error: syntax error before "array_header"
mod_limitipconn.c:43: warning: no semicolon at end of struct or union
mod_limitipconn.c:45: warning: data definition has no type or storage class
mod_limitipconn.c:47: error: syntax error before '}' token
mod_limitipconn.c:47: warning: data definition has no type or storage class
mod_limitipconn.c:49: error: syntax error before '*' token
mod_limitipconn.c: In function `limitipconn_create_dir_config':
mod_limitipconn.c:51: error: `cfg' undeclared (first use in this function)
mod_limitipconn.c:51: error: (Each undeclared identifier is reported only once
mod_limitipconn.c:51: error: for each function it appears in.)
mod_limitipconn.c:51: error: syntax error before ')' token
mod_limitipconn.c:56: error: `p' undeclared (first use in this function)
mod_limitipconn.c: In function `limitipconn_handler':
mod_limitipconn.c:65: error: `cfg' undeclared (first use in this function)
mod_limitipconn.c:65: error: syntax error before ')' token
mod_limitipconn.c:66: error: request for member `module_index' in something not a structure or union
mod_limitipconn.c:84: error: `short_score' undeclared (first use in this function)
mod_limitipconn.c:84: error: syntax error before "score_record"
mod_limitipconn.c:95: error: too few arguments to function `ap_sub_req_lookup_uri'
mod_limitipconn.c:138: error: `HARD_SERVER_LIMIT' undeclared (first use in this function)
mod_limitipconn.c:139: error: `score_record' undeclared (first use in this function)
mod_limitipconn.c: In function `limit_config_cmd':
mod_limitipconn.c:190: error: `cfg' undeclared (first use in this function)
mod_limitipconn.c:190: error: syntax error before ')' token
mod_limitipconn.c: In function `no_limit_config_cmd':
mod_limitipconn.c:206: error: `cfg' undeclared (first use in this function)
mod_limitipconn.c:206: error: syntax error before ')' token
mod_limitipconn.c:208: warning: assignment makes pointer from integer without a cast
mod_limitipconn.c: In function `excl_limit_config_cmd':
mod_limitipconn.c:216: error: `cfg' undeclared (first use in this function)
mod_limitipconn.c:216: error: syntax error before ')' token
mod_limitipconn.c:218: warning: assignment makes pointer from integer without a cast
mod_limitipconn.c: At top level:
mod_limitipconn.c:224: warning: initialization from incompatible pointer type
mod_limitipconn.c:226: warning: initialization from incompatible pointer type
mod_limitipconn.c:228: warning: initialization from incompatible pointer type
mod_limitipconn.c:234: error: syntax error before "pool"
mod_limitipconn.c: In function `limitipconn_init':
mod_limitipconn.c:235: error: `s' undeclared (first use in this function)
mod_limitipconn.c:236: warning: passing arg 5 of `ap_log_error' from incompatible pointer type
mod_limitipconn.c:236: error: too few arguments to function `ap_log_error'
mod_limitipconn.c: At top level:
mod_limitipconn.c:239: error: syntax error before "limitipconn_module"
mod_limitipconn.c:240: error: `this_module_needs_to_be_ported_to_apache_2_0' undeclared here (not in a function)
mod_limitipconn.c:240: error: initializer element is not constant
mod_limitipconn.c:240: error: (near initialization for `limitipconn_module')
mod_limitipconn.c:241: warning: excess elements in scalar initializer
mod_limitipconn.c:241: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:242: warning: excess elements in scalar initializer
mod_limitipconn.c:242: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:243: warning: excess elements in scalar initializer
mod_limitipconn.c:243: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:244: warning: excess elements in scalar initializer
mod_limitipconn.c:244: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:245: warning: excess elements in scalar initializer
mod_limitipconn.c:245: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:246: warning: excess elements in scalar initializer
mod_limitipconn.c:246: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:247: warning: excess elements in scalar initializer
mod_limitipconn.c:247: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:248: warning: excess elements in scalar initializer
mod_limitipconn.c:248: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:249: warning: excess elements in scalar initializer
mod_limitipconn.c:249: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:250: warning: excess elements in scalar initializer
mod_limitipconn.c:250: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:251: warning: excess elements in scalar initializer
mod_limitipconn.c:251: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:252: warning: excess elements in scalar initializer
mod_limitipconn.c:252: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:253: warning: excess elements in scalar initializer
mod_limitipconn.c:253: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:254: warning: excess elements in scalar initializer
mod_limitipconn.c:254: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:255: warning: excess elements in scalar initializer
mod_limitipconn.c:255: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:256: warning: excess elements in scalar initializer
mod_limitipconn.c:256: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:257: warning: excess elements in scalar initializer
mod_limitipconn.c:257: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:259: warning: excess elements in scalar initializer
mod_limitipconn.c:259: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:259: warning: data definition has no type or storage class
apxs:Error: Command failed with rc=65536
.
make: *** [mod_limitipconn.so] Error 1


Any hint is highly appreciated

uname -a : Linux x.x.com 2.6.9-22.0.1.EL #1 Thu Oct 27 12:26:11 CDT 2005 i686 i686 i386 GNU/Linux

(CentOS Fedora core 3)

[root@x mod_limitipconn-0.04]# apachectl -v
Server version: Apache/2.0.52
Server built: Jan 5 2006 12:31:31

Nice thanks very cool MOD ! It s very important

Thats great.Very cool apache mod .

Hi,

I'm a beginer so please forgive me if I sound dump. I'm trying to learn my way into the the Linux world to start a small web business.

Now, I have a AMD 2.8 GHz with 1GB RAM running RH LE 3. I'm running Apache

[root@admin mod_limitipconn-0.22]# apachectl -v
Server version: Apache/2.0.46
Server built: Feb 11 2005 13:35:50

I did download Plesk and managed to install it and now everything works fine except that I want to install the mod_limitipconn.c module to limite and control the server trafice.

I downloaded the tar.gz package of the mod_limitipconn.c module from the link

and saved it in usr/src folder.

Then I logged to the server through SSH and did the following

[root@web-test /]#cd /usr/src
[root@web-test src]# tar xzvf mod_limitipconn-0.22.tar.gz
[root@web-test src]# cd mod_limitipconn-0.22

Then I open the Makefile and modified the APXS entry to point to lcation of the APXS. I saved the file and closed it.

When I started the rest of the procedure describer in this topic

[root@web-test mod_limitipconn-0.22]# make
/usr/local/psa/admin/bin/apxs -c mod_limitipconn.c
gcc-3.4 -DHARD_SERVER_LIMIT=512 -DDEFAULT_PATH="/usr/local/psa/admin/bin:/bin:/usr/bin" -DLINUX=2
2 -DTARGET="httpsd" -DHAVE_SET_DUMPABLE -I/usr/include/gdbm -DMOD_SSL=208122 -DEAPI -O -pipe -I/
home/builder/pb_work_dir/psa_aiconfig_7.5.4/psa/release/openssl/include -W -Wall -I/home/builder/
pb_work_dir/psa_aiconfig_7.5.4/psa/lib/dist/usr/include -DPLESK_Linux -I/home/builder/pb_work_dir
/psa_aiconfig_7.5.4/psa/plesk-utils/include -DBSG_CR -DBSG_MSG -I/home/builder/pb_work_dir/psa_ai
config_7.5.4/psa/release/openssl/include -DHAS_RPM -O3 -fexpensive-optimizations -I/usr/kerberos/
include -fstrength-reduce -pipe -I/home/builder/pb_work_dir/psa_aiconfig_7.5.4/psa/lib/dist/usr/i
nclude -I/usr/include/libxml2 -Wno-unused-parameter -fpic -DSHARED_MODULE -I/usr/local/psa/admin/
include -c mod_limitipconn.c
sh: line 1: gcc-3.4: command not found
apxs:Break: Command failed with rc=127
make: *** [mod_limitipconn.so] Error 1


So any one has a clue what went wrong? was it something I did?!

Thank you

sh: line 1: gcc-3.4: command not found

check your gcc :) on box

I did, and the version i have is 3.2 now how can i get the 3.4?

Hi guys, I registered on this forum specifically for the purpose of querying you guys to see if I can get some help with my mod_limitipconn problem.

I have a dedicated server from Ipowerweb. It does have Plesk 7.5 on it.

The installation of mod_limitipconn went perfect. However, I am having trouble setting it up.

The only way I have been able to make it work is with the following very general (non-specific) settings:

<IfModule mod_limitipconn.c>
<Location />
MaxConnPerIP 2
</Location>
</IfModule>

However, it then limits the connections for everything on my entire website which has a lot of pictures. Needless to say, it causes problems. I tried specifying the location, because really there is only ONE subdirectory (with folders under it) that I am interested in limiting connections to. However, no matter how I specify the location, it will not work when I specify a location. I tried specifying it the really long way, and it did not work:
/home/httpd/vhosts/domain.com/httpdocs/downloads/videos
I tried specifying it a shorter way and it did not work:
/downloads/videos
I tried specifying it another way and it did not work:
/httpdocs/downloads/videos

So basically, I have no idea how to make it work for location. I am assuming that the problem is that I am not correctly specifying the directory, but how can I find out where limitipconn is starting from, so I can see what directory I need to put in?

Because of my failures with Location, I also tried telling it to not exclude images, since that is where the problem has been with the limiter limiting everything.
I tried:
NoIPLimit image/* This did not work
NoIPLimit image/jpeg
NoIPLimit jpg This did not work, I was desparate and thought it needed exact mimetypes.

Basically, the NoIPLimit function does not seem to do anything for me at all. Does anyone have any idea why this would be?

I also tried, in a last ditch effort:
OnlyIPLimit video/*
But of course, it doesn't seem to regulate WMV, which is what my files mainly are, so that didn't work either. And I'm not sure it even worked for mpeg files either. ???

Basically, I don't seem to be able to specify any options and have them work.
If anyone could give me any help with this configuration issue, I would GREATLY appreciate it.

Regards,
Dave

This mod is wonderfull but it still hard to use with cpanel server because it need to re-compile apache manual if you need this mod can detect pool proxy ip like AOL . :(

anyone know how to mod this so it can be used SERVER WIDE, and on entire CLASS C SUBNETS, not just one ip?

I'm getting REALLY heavily spidered now, and well, the spiders hit every domain on the server 250+ domains, and it takes me down.... I need to limit ONE C BLOCK OF IP's to 20 accesses PER second would be helpful~!

[root@rbi0141 mod_limitipconn-0.04]# make
/usr/sbin/apxs -c mod_limitipconn.c
/usr/lib/apr-1/build/libtool --silent --mode=compile gcc -prefer-pic -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -pthread -I/usr/include/httpd -I/usr/include/apr-1 -I/usr/include/apr-1 -c -o mod_limitipconn.lo mod_limitipconn.c && touch mod_limitipconn.slo
mod_limitipconn.c:39: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'limitipconn_module'
mod_limitipconn.c:43: error: expected specifier-qualifier-list before 'array_header'
mod_limitipconn.c:49: error: expected ')' before '*' token
mod_limitipconn.c: In function 'limitipconn_handler':
mod_limitipconn.c:66: error: 'limitipconn_module' undeclared (first use in this function)
mod_limitipconn.c:66: error: (Each undeclared identifier is reported only once
mod_limitipconn.c:66: error: for each function it appears in.)
mod_limitipconn.c:69: error: 'limitipconn_dir_config' has no member named 'no_limit'
mod_limitipconn.c:70: error: 'limitipconn_dir_config' has no member named 'excl_limit'
mod_limitipconn.c:84: error: 'short_score' undeclared (first use in this function)
mod_limitipconn.c:84: error: expected ';' before 'score_record'
mod_limitipconn.c:95: error: too few arguments to function 'ap_sub_req_lookup_uri'
mod_limitipconn.c:114: error: 'limitipconn_dir_config' has no member named 'no_limit'
mod_limitipconn.c:123: error: 'limitipconn_dir_config' has no member named 'excl_limit'
mod_limitipconn.c:125: error: 'limitipconn_dir_config' has no member named 'excl_limit'
mod_limitipconn.c:138: error: 'HARD_SERVER_LIMIT' undeclared (first use in this function)
mod_limitipconn.c:139: error: 'score_record' undeclared (first use in this function)
mod_limitipconn.c:176: warning: implicit declaration of function 'ap_log_reason'
mod_limitipconn.c:178: warning: implicit declaration of function 'ap_table_setn'
mod_limitipconn.c: In function 'no_limit_config_cmd':
mod_limitipconn.c:208: warning: implicit declaration of function 'ap_push_array'
mod_limitipconn.c:208: error: 'limitipconn_dir_config' has no member named 'no_limit'
mod_limitipconn.c:208: warning: implicit declaration of function 'ap_pstrdup'
mod_limitipconn.c:208: warning: assignment makes pointer from integer without a cast
mod_limitipconn.c: In function 'excl_limit_config_cmd':
mod_limitipconn.c:218: error: 'limitipconn_dir_config' has no member named 'excl_limit'
mod_limitipconn.c:218: warning: assignment makes pointer from integer without a cast
mod_limitipconn.c: At top level:
mod_limitipconn.c:224: warning: missing braces around initializer
mod_limitipconn.c:224: warning: (near initialization for 'limitipconn_cmds[0].func')
mod_limitipconn.c:224: warning: initialization from incompatible pointer type
mod_limitipconn.c:226: warning: initialization from incompatible pointer type
mod_limitipconn.c:228: warning: initialization from incompatible pointer type
mod_limitipconn.c:234: error: expected declaration specifiers or '...' before 'pool'
mod_limitipconn.c: In function 'limitipconn_init':
mod_limitipconn.c:236: warning: passing argument 4 of 'ap_log_error' makes integer from pointer without a cast
mod_limitipconn.c:236: warning: passing argument 5 of 'ap_log_error' from incompatible pointer type
mod_limitipconn.c:236: error: too few arguments to function 'ap_log_error'
mod_limitipconn.c: At top level:
mod_limitipconn.c:239: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'limitipconn_module'
apxs:Error: Command failed with rc=65536
.
make: *** [mod_limitipconn.so] Error 1
[root@rbi0141 mod_limitipconn-0.04]#

Any ideea why i got those errors ?
I have FC5 and apache 2.2.2

Thanks

I am still a bit confused. Can anyone help me pls?
- if I want to limit all accounts, in their public_html, what should I put?

<Location />
MaxConnPerIP 2
</Location>

- if I want to limit connection per ip in every "forums" folder, it should be

<Location /forums>
MaxConnPerIP 2
</Location>

or

<Location forums>
MaxConnPerIP 2
</Location>

thanks,

Put this inside the virtual host section of the httpd.conf file

<IfModule mod_limitipconn.c>
<Location /forums>
MaxConnPerIP 2
</Location>
</IfModule>

where is the plesk

/usr/local/apache/bin/

how to limit connection for rar or zip file,can anybody help?

Is it good for preventive DDos Attack ?

If yes ? Would you pleas explain how to use it for the server not for single folder or single domain.

root@server [~/mod_limitipconn-0.04]# make
apxs -c mod_limitipconn.c
/bin/sh /usr/lib/apr/build/libtool --silent --mode=compile gcc -prefer-pic -O2 -g -pipe -m32 -march=i386 -mtune=pentium4 -DAP_HAVE_DESIGNATED_INITIALIZER -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -pthread -I/usr/include/apr-0 -I/usr/include/httpd -c -o mod_limitipconn.lo mod_limitipconn.c && touch mod_limitipconn.slo
mod_limitipconn.c:39: error: syntax error before "limitipconn_module"
mod_limitipconn.c:39: warning: data definition has no type or storage class
mod_limitipconn.c:43: error: syntax error before "array_header"
mod_limitipconn.c:43: warning: no semicolon at end of struct or union
mod_limitipconn.c:45: warning: data definition has no type or storage class
mod_limitipconn.c:47: error: syntax error before '}' token
mod_limitipconn.c:47: warning: data definition has no type or storage class
mod_limitipconn.c:49: error: syntax error before '*' token
mod_limitipconn.c: In function `limitipconn_create_dir_config':
mod_limitipconn.c:51: error: `cfg' undeclared (first use in this function)
mod_limitipconn.c:51: error: (Each undeclared identifier is reported only once
mod_limitipconn.c:51: error: for each function it appears in.)
mod_limitipconn.c:51: error: syntax error before ')' token
mod_limitipconn.c:56: error: `p' undeclared (first use in this function)
mod_limitipconn.c: In function `limitipconn_handler':
mod_limitipconn.c:65: error: `cfg' undeclared (first use in this function)
mod_limitipconn.c:65: error: syntax error before ')' token
mod_limitipconn.c:66: error: request for member `module_index' in something not a structure or union
mod_limitipconn.c:84: error: `short_score' undeclared (first use in this function)
mod_limitipconn.c:84: error: syntax error before "score_record"
mod_limitipconn.c:95: error: too few arguments to function `ap_sub_req_lookup_uri'
mod_limitipconn.c:138: error: `HARD_SERVER_LIMIT' undeclared (first use in this function)
mod_limitipconn.c:139: error: `score_record' undeclared (first use in this function)
mod_limitipconn.c: In function `limit_config_cmd':
mod_limitipconn.c:190: error: `cfg' undeclared (first use in this function)
mod_limitipconn.c:190: error: syntax error before ')' token
mod_limitipconn.c: In function `no_limit_config_cmd':
mod_limitipconn.c:206: error: `cfg' undeclared (first use in this function)
mod_limitipconn.c:206: error: syntax error before ')' token
mod_limitipconn.c:208: warning: assignment makes pointer from integer without a cast
mod_limitipconn.c: In function `excl_limit_config_cmd':
mod_limitipconn.c:216: error: `cfg' undeclared (first use in this function)
mod_limitipconn.c:216: error: syntax error before ')' token
mod_limitipconn.c:218: warning: assignment makes pointer from integer without a cast
mod_limitipconn.c: At top level:
mod_limitipconn.c:224: warning: initialization from incompatible pointer type
mod_limitipconn.c:226: warning: initialization from incompatible pointer type
mod_limitipconn.c:228: warning: initialization from incompatible pointer type
mod_limitipconn.c:234: error: syntax error before "pool"
mod_limitipconn.c: In function `limitipconn_init':
mod_limitipconn.c:235: error: `s' undeclared (first use in this function)
mod_limitipconn.c:236: warning: passing arg 5 of `ap_log_error' from incompatible pointer type
mod_limitipconn.c:236: error: too few arguments to function `ap_log_error'
mod_limitipconn.c: At top level:
mod_limitipconn.c:239: error: syntax error before "limitipconn_module"
mod_limitipconn.c:240: error: `this_module_needs_to_be_ported_to_apache_2_0' undeclared here (not in a function)
mod_limitipconn.c:240: error: initializer element is not constant
mod_limitipconn.c:240: error: (near initialization for `limitipconn_module')
mod_limitipconn.c:241: warning: excess elements in scalar initializer
mod_limitipconn.c:241: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:242: warning: excess elements in scalar initializer
mod_limitipconn.c:242: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:243: warning: excess elements in scalar initializer
mod_limitipconn.c:243: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:244: warning: excess elements in scalar initializer
mod_limitipconn.c:244: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:245: warning: excess elements in scalar initializer
mod_limitipconn.c:245: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:246: warning: excess elements in scalar initializer
mod_limitipconn.c:246: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:247: warning: excess elements in scalar initializer
mod_limitipconn.c:247: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:248: warning: excess elements in scalar initializer
mod_limitipconn.c:248: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:249: warning: excess elements in scalar initializer
mod_limitipconn.c:249: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:250: warning: excess elements in scalar initializer
mod_limitipconn.c:250: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:251: warning: excess elements in scalar initializer
mod_limitipconn.c:251: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:252: warning: excess elements in scalar initializer
mod_limitipconn.c:252: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:253: warning: excess elements in scalar initializer
mod_limitipconn.c:253: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:254: warning: excess elements in scalar initializer
mod_limitipconn.c:254: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:255: warning: excess elements in scalar initializer
mod_limitipconn.c:255: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:256: warning: excess elements in scalar initializer
mod_limitipconn.c:256: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:257: warning: excess elements in scalar initializer
mod_limitipconn.c:257: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:259: warning: excess elements in scalar initializer
mod_limitipconn.c:259: warning: (near initialization for `limitipconn_module')
mod_limitipconn.c:259: warning: data definition has no type or storage class
apxs:Error: Command failed with rc=65536
.
make: *** [mod_limitipconn.so] Error 1

I get the error trying to compile it for Apache 1.3.37. No problems on my other server though. :confused:

I think CSF has this feature

how to do this under centos? or nginx?

sorry noob question

regards

no answer or update for problems and questions?

Better to use mod_qos, very high configurable module ;)
http://opensource.adnovum.ch/mod_qos/

But also Nginx as proxy can help to filter request more than a mod of apache.