今更なんですが・・・mod_dosdetectorを設定してみた
wget http://ncu.dl.sourceforge.net/sourceforge/moddosdetector/mod_dosdetector-0.2.tar.gz
mod_so.cが入っているか確認します。
/usr/local/httpd_proxy/bin/httpd -l
自分はproxyに導入したいのでproxyのフォルダに設定します。それようのディレクトリ作成。
そして、移動。
mkdir /usr/local/httpd_proxy/3rdparty/ cd /usr/local/httpd_proxy/3rdparty/
続いて、インストール。
cp ../../src/mod_dosdetector-0.2/mod_dosdetector.c .
/usr/local/httpd_proxy/bin/apxs -c mod_dosdetector.c
/usr/local/httpd_proxy/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/httpd_proxy/include -I/usr/local/httpd_proxy/include -I/usr/local/httpd_proxy/include -c -o mod_dosdetector.lo mod_dosdetector.c && touch mod_dosdetector.slo mod_dosdetector.c: In function ‘create_shm’: mod_dosdetector.c:144: warning: format ‘%d’ expects type ‘int’, but argument 8 has type ‘size_t’ mod_dosdetector.c:135: warning: ignoring return value of ‘tmpnam’, declared with attribute warn_unused_result mod_dosdetector.c: In function ‘register_hooks’: mod_dosdetector.c:465: warning: ignoring return value of ‘tmpnam’, declared with attribute warn_unused_result /usr/local/httpd_proxy/build/libtool --silent --mode=link gcc -o mod_dosdetector.la -rpath /usr/local/httpd_proxy/modules -module -avoid-version mod_dosdetector.lo
root@:/usr/local/httpd_proxy/3rdparty# ls mod_dosdetector.c mod_dosdetector.la mod_dosdetector.lo mod_dosdetector.o mod_dosdetector.slo
root@:/usr/local/httpd_proxy/3rdparty# /usr/local/httpd_proxy/bin/apxs -i -a -n dosdetector mod_dosdetector.la
/usr/local/httpd_proxy/build/instdso.sh SH_LIBTOOL='/usr/local/httpd_proxy/build/libtool' mod_dosdetector.la /usr/local/httpd_proxy/modules
/usr/local/httpd_proxy/build/libtool --mode=install cp mod_dosdetector.la /usr/local/httpd_proxy/modules/
cp .libs/mod_dosdetector.so /usr/local/httpd_proxy/modules/mod_dosdetector.so
cp .libs/mod_dosdetector.lai /usr/local/httpd_proxy/modules/mod_dosdetector.la
cp .libs/mod_dosdetector.a /usr/local/httpd_proxy/modules/mod_dosdetector.a
chmod 644 /usr/local/httpd_proxy/modules/mod_dosdetector.a
ranlib /usr/local/httpd_proxy/modules/mod_dosdetector.a
PATH="$PATH:/sbin" ldconfig -n /usr/local/httpd_proxy/modules
----------------------------------------------------------------------
Libraries have been installed in:
/usr/local/httpd_proxy/modules
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,--rpath -Wl,LIBDIR' linker flag
- have your system administrator add LIBDIR to `/etc/ld.so.conf'
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
chmod 755 /usr/local/httpd_proxy/modules/mod_dosdetector.so
[activating module `dosdetector' in /usr/local/httpd_proxy/conf/httpd.conf]
続いてセッティング
まずはlogに吐いてどんなもんか確認。
#
# dosdetector setting
#
DoSDetection on
DoSPeriod 5
DoSThreshold 10
DoSHardThreshold 25
DoSBanPeriod 30
DoSTableSize 100
DoSIgnoreContentType image|javascript|css
# for blocking
#RewriteEngine On
#RewriteCond %{ENV:SuspectHardDoS} =1
#RewriteRule .* - [R=503,L]
# for log
LogFormat "%{SuspectHardDoS}e %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" dos_suspect
CustomLog logs/dos_suspect_log dos_suspect env=SuspectDoS
ErrorDocument 503 /503.html
#
# /dosdetector setting
#なんかひっかかるのはgooglebotばかりでした。
