How to install mod_limitipconn on server

To set per IP connections limit on  server we are using mod_limitipconn. This can be a very useful tool, as it could help in lowering the load on your server due to someone connecting too many times from the same IP.

 

To set the IP limit on the server using mod_security.

Check apache version first on server.

httpd -v

Go to the below path

cd /usr/local/src/

Download the mod_limitpconn using the below link. I am having apache version 2.2.22. As per your apache version download the file.

wget http://dominia.org/djao/limit/mod_limitipconn-0.24.tar.bz2


Untar the file

tar -xvf mod_limitipconn-0.24.tar.bz2

Go to that folder

cd mod_limitipconn-0.24

Compile it with apache

make
make install

Check the apache syntax and restart the apache service if it is Ok

httpd -t
/etc/init.d/httpd restart

Add the below lines in httpd.conf

vi /usr/local/apache/conf/httpd.conf

 

# This command is always needed
ExtendedStatus On

# Only needed if the module is compiled as a DSO
LoadModule limitipconn_module lib/apache/mod_limitipconn.so

<IfModule mod_limitipconn.c>

# Set a server-wide limit of 10 simultaneous downloads per IP,
# no matter what.
MaxConnPerIP 10
<Location /somewhere>
# This section affects all files under http://your.server/somewhere
MaxConnPerIP 3
# exempting images from the connection limit is often a good
# idea if your web page has lots of inline images, since these
# pages often generate a flurry of concurrent image requests
NoIPLimit image/*
</Location>

<Directory /home/*/public_html>
# This section affects all files under /home/*/public_html
MaxConnPerIP 1
# In this case, all MIME types other than audio/mpeg and video*
# are exempt from the limit check
OnlyIPLimit audio/mpeg video
</Directory>
</IfModule>

Check the syntax if everything is ok then restart the apache.

httpd -t
/etc/init.d/httpd restart
/etc/init.d/httpd status

Confirm that domains are working on the server. You can select the domain from the below file and try randomly accessing it.

cat /etc/userdomains.

 

Notes:

This module will not function unless mod_status is loaded and the “ExtendedStatus On” directive is set.

Make sure mod security is already installed on the server using easyapache.

 

Comments are closed.