Why is mod_limitipconn-0.23 in Ubuntu 8.04 not working?
Markus Schönhaber
ubuntu-users at list-post.mks-mail.de
Wed Jul 16 12:33:19 UTC 2008
Jimmy Snell wrote:
> I am the administrator of a website, and I found that some users make
> lots of HTTP connections to my website. After searching for answers to
> this problem, I tried to use the 3rd-party Apache module mod_limitipconn.
>
> However, there is a problem for me to use this module: this module is
> not working.
[...]
> After I changed some settings, the /etc/apache2/httpd.conf.is looks like this:
>
> START of file /etc/apache2/httpd.conf
> ========================
> ExtendedStatus On
>
> LoadModule limitipconn_module /usr/lib/apache2/modules/mod_limitipconn.so
>
> # mod_limitipconn
> <IfModule mod_limitipconn.c>
> MaxConnPerIP 3
> <Location />
> MaxConnPerIP 3
> </Location>
> </IfModule>
> ========================
> END of file /etc/apache2/httpd.conf
>
> In my opinion, this file will be included by the "Include
> /etc/apache2/httpd.conf" statement in the /etc/apache2/apache2.conf
> file; so all the directives in it will be seen by Apache daemon.
Although probably not really a problem: why don't you use the
configuration layout the package uses? I. e. create
/etc/apache2/mods-available/limitipconn.load
/etc/apache2/mods-available/limitipconn.conf
and create symlinks in
/etc/apache2/mods-enabled
to actually activate the module.
> Then, I started Apache, and there wasn't any error message; everything
> seemed to go fine.
>
> However, then I tried to test whether this module was working.
> I used the "ab" command to test from my machine:
> ab -n 1000000 -c 100 http://www.myhost.com
Are you the owner of www.myhost.com? If not, please use a domain name
like "example.com" which is reserved for use in documentation.
> Unfortunately, I found on my server that it showed there are 2620 HTTP
> connections from my machine.
As Mumia already said, this doesn't necessarily mean that the module
isn't working. mod_limitipconn doesn't make HTTP connections to your
server impossible (if over the limit) but makes sure that those
excessive connections are only used to return an error page - which is,
of course, done using an HTTP connection.
You should rather take a look at your server's log files. AFAIU
mod_limitipconn will log rejected (i. e. answered with an error message)
connection attempts.
Additionally, you could use
apache2ctl -M
to see if mod_limitipconn and mod_status are indeed loaded by the server
and the config syntax is OK.
> During the ab command was running, I also
> tried to visit http://www.myhost.com by FireFox. Here is the error
> message that I saw in FireFox:
> ========================
> 503 Service Temporarily Unavailable
> The server is temporarily unable to service your request due to
> maintenance downtime or capacity problems. Please try again later.
> ========================
I'd take that as a hint that mod_limitipconn works as it should.
Regards
mks
More information about the ubuntu-users
mailing list