今更なんですが・・・mod_dosdetectorを設定してみた
wget http://ncu.dl.sourceforge.net/sourceforge/moddosdetector/mod_dosdetector-0.2.tar.gz
mod_so.cが入っているか確認します。
/usr/local/httpd_proxy/bin/httpd -l
自分はproxyに導入したいのでproxyのフォルダに設定します。それようのディレクトリ作成。
そして、移動。
mkdir /usr/local/httpd_proxy/3rdparty/ cd /usr/local/httpd_proxy/3rdparty/
続いて、インストール。
cp ../../src/mod_dosdetector-0.2/mod_dosdetector.c .
/usr/local/httpd_proxy/bin/apxs -c mod_dosdetector.c
/usr/local/httpd_proxy/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/usr/local/httpd_proxy/include -I/usr/local/httpd_proxy/include -I/usr/local/httpd_proxy/include -c -o mod_dosdetector.lo mod_dosdetector.c && touch mod_dosdetector.slo mod_dosdetector.c: In function ‘create_shm’: mod_dosdetector.c:144: warning: format ‘%d’ expects type ‘int’, but argument 8 has type ‘size_t’ mod_dosdetector.c:135: warning: ignoring return value of ‘tmpnam’, declared with attribute warn_unused_result mod_dosdetector.c: In function ‘register_hooks’: mod_dosdetector.c:465: warning: ignoring return value of ‘tmpnam’, declared with attribute warn_unused_result /usr/local/httpd_proxy/build/libtool --silent --mode=link gcc -o mod_dosdetector.la -rpath /usr/local/httpd_proxy/modules -module -avoid-version mod_dosdetector.lo
root@:/usr/local/httpd_proxy/3rdparty# ls mod_dosdetector.c mod_dosdetector.la mod_dosdetector.lo mod_dosdetector.o mod_dosdetector.slo
root@:/usr/local/httpd_proxy/3rdparty# /usr/local/httpd_proxy/bin/apxs -i -a -n dosdetector mod_dosdetector.la /usr/local/httpd_proxy/build/instdso.sh SH_LIBTOOL='/usr/local/httpd_proxy/build/libtool' mod_dosdetector.la /usr/local/httpd_proxy/modules /usr/local/httpd_proxy/build/libtool --mode=install cp mod_dosdetector.la /usr/local/httpd_proxy/modules/ cp .libs/mod_dosdetector.so /usr/local/httpd_proxy/modules/mod_dosdetector.so cp .libs/mod_dosdetector.lai /usr/local/httpd_proxy/modules/mod_dosdetector.la cp .libs/mod_dosdetector.a /usr/local/httpd_proxy/modules/mod_dosdetector.a chmod 644 /usr/local/httpd_proxy/modules/mod_dosdetector.a ranlib /usr/local/httpd_proxy/modules/mod_dosdetector.a PATH="$PATH:/sbin" ldconfig -n /usr/local/httpd_proxy/modules ---------------------------------------------------------------------- Libraries have been installed in: /usr/local/httpd_proxy/modules If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use the `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - add LIBDIR to the `LD_RUN_PATH' environment variable during linking - use the `-Wl,--rpath -Wl,LIBDIR' linker flag - have your system administrator add LIBDIR to `/etc/ld.so.conf' See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- chmod 755 /usr/local/httpd_proxy/modules/mod_dosdetector.so [activating module `dosdetector' in /usr/local/httpd_proxy/conf/httpd.conf]
続いてセッティング
まずはlogに吐いてどんなもんか確認。
# # dosdetector setting # DoSDetection on DoSPeriod 5 DoSThreshold 10 DoSHardThreshold 25 DoSBanPeriod 30 DoSTableSize 100 DoSIgnoreContentType image|javascript|css # for blocking #RewriteEngine On #RewriteCond %{ENV:SuspectHardDoS} =1 #RewriteRule .* - [R=503,L] # for log LogFormat "%{SuspectHardDoS}e %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" dos_suspect CustomLog logs/dos_suspect_log dos_suspect env=SuspectDoS ErrorDocument 503 /503.html # # /dosdetector setting #
なんかひっかかるのはgooglebotばかりでした。