Tweet
Bookmark this on Delicious
The directives below allow you to configure the limits of your Apache server; they are important in this that they help shield your server against many kinds of DOS (Denial of Service) attacks:
Next tutorial: Apache server configuration on Linux - Apache server logs
Back to computer forums
Bookmark this on Delicious
Apache server configuration on Linux - Apache server limits configuration
The directives below allow you to configure the limits of your Apache server; they are important in this that they help shield your server against many kinds of DOS (Denial of Service) attacks:
-
# Defines the time (in seconds) Apache will wait for a slow I/O
TimeOut 60 -
# Same TCP connection can allow multiple HTTP requests ?
KeepAlive On -
# Sets the maximum number of requests per connection at 100; this directive assumes KeepAlive on
MaxKeepAliveRequests 100 -
# Defines the number of seconds Apache will be waiting for the next request on an open connection, assuming KeepAlive is on
KeepAliveTimeout 15 -
# LimitRequestBody litterally limits the size of the request body of an HTTP request; setting this Directive at 0 puts no limit to the HTTP Request Body; if you do not wish to allow file uploading, there's no reason why you wouldn't define a more reasonable limit here (such as 1000000, i.e. 1MB).
LimitRequestBody 0 -
# LimitRequestFields sets the maximum number of fields allowed per HTTP request
LimitRequestFields 100 -
# Sets the limit size for any field of a HTTP request
LimitRequestFieldsize 8190 -
# Sets the limit on the first line of a HTTP request, thus effectively limiting the length of the requested URL (including any other information passed on through the URL, e.g. through the GET method)
LimitRequestLine 8190 -
# Limits the XML request body
LimitXMLRequestBody 1000000 -
# MinSpareServers should be turned on only for high-traffic websites; this sets the minimum number of iddle server processes; if the number of idle processes falls below this number, Apache will create new child processes at a speed of 1 child process per second; note that this directive comes with the prefork module, therefore mod_prefork must be active for this directive to be used. For the next directives below, it is assumed that mod_prefork has been installed and activated.
MinSpareServers 5 -
# This sets the maximum number of iddle child server processes (see MinSpareServers)
MaxSpareServers 10 -
# Sets the starting number of child server processes when Apache boots
StartServers 5 -
# Sets the maximum number of connections that can be served by Apache at any given time; every connection attempt above this limit will result in this connection attempt being queued and processed later (up to ListenBackLog connections can be queued in this way)
MaxClients 150 -
# Sets the number of connection attempts that can be queued when MaxClients has been reached
ListenBackLog 511 -
# Sets the maximum number of requests per child process; it is better if you do not leave this parameter at 0 since that would mean an unlimited number of requests can be made via one single child server process
MaxRequestsPerChild 150
Rather than use the prefork processing model (assumed above) you can decide to use the worker multiprocessing modules model (MPM). Please refer to the Apache documentation of the MPM worker module for more information on this multi-threaded processing model.
Next tutorial: Apache server configuration on Linux - Apache server logs
Back to computer forums