Sometimes you may need to implement rate limiting in Apache web server to block malicious traffic and DDOS attacks. You can easily do this using mod_qos Apache module. It allows you to control quality of service offered by your web server so that no user faces downtime unnecessarily. In this article, we will look at how to limit requests per IP in Apache using mod_qos module.
How to Limit Requests Per IP in Apache
Here are the steps to limit requests per IP in Apache.
1. Update Ubuntu packages
Open terminal and run the following command to update Ubuntu packages.
$ sudo apt-get update
Also read : How to Use Linux History Command
2. Install mod_qos
Run the following command to install mod_qos.
sudo apt-get install libapache2-mod-qos
After installation, mod_qos will automatically enable itself.
Also read : How to Change XAMPP Apache port
3. Configure mod_qos
Open mod_qos configuration file at /etc/apache2/mods-available/qos.conf
$ sudo vi /etc/apache2/mods-available/qos.conf
Add/Edit the following lines. The comments after # sign clearly explain what each variable is used for. We have configured mod_qos such that min request rate – 120 bytes/sec, max connections – 800, keep alive support up to 600 connections, max connections per ip – 50. You can change these values as per your requirement.
Sample configuration: # minimum request rate (bytes/sec at request reading): QS_SrvRequestRate 120 # limits the connections for this virtual host: QS_SrvMaxConn 800 # allows keep-alive support till the server reaches 600 connections: QS_SrvMaxConnClose 600 # allows max 50 connections from a single ip address: QS_SrvMaxConnPerIP 50 # disables connection restrictions for certain clients: QS_SrvMaxConnExcludeIP 188.8.131.52 QS_SrvMaxConnExcludeIP 92.68.10.
mod_qos provides many configuration options. Here is a full list for your reference.
Also read : How to Uninstall NGINX in CentOS
4. Restart Apache Web Server
Restart Apache web server to apply changes.
$ sudo service apache2 restart
That’s it. Now Apache will automatically limit requests per IP on your website to 50 connections/ip.
Also read : How to Fix Apache Not Executing PHP Files