Limit connection to httpd per ip.

Discussion in 'Security' started by Bidi, Nov 25, 2013.

  1. Bidi

    Hello guys, I was looking for this for 1 or 2 weeks and I didn't find any solutions.

    I got a problem with this:

    tcp 0 0 s1.hzone.ro:http 109.102.191.82:63121 SYN_RECV
    tcp 0 0 s1.hzone.ro:http 109.102.191.82:64673 SYN_RECV

    And it makes, from the same IP on different ports, like 500 connections till CSF bans it.

    How can I limit these types of connections to http per IP?

    Like this user IP 109.102.191.82: if he makes more than 10 connections to http, to give him a blank page or not to work?

    I tried even with iptables ... but useless.
     
  2. quietFinn

    Have you tried CONNLIMIT in CSF?
     
  3. Bidi

    Yes, and it is useless......
     
  4. quizknows

  5. Bidi

  6. quizknows

    If you have ModSecurity selected in EasyApache, then you would just have to add this line to /usr/local/apache/conf/modsec2.user.conf:

    SecReadStateLimit 25

    You would have to restart Apache for the setting to be active. This is just an example; you could try anywhere from 5 to 50. This example setting would limit each connecting IP to 25 simultaneous READ connections to the Apache server.

    I say this setting instead of SecConnReadStateLimit because the newest modsec build in EA is 2.7.5 which still uses SecReadStateLimit.
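
A per-IP tally of connection states, as an added example that is not part of the original thread: sockets in SYN_RECV have not completed the TCP handshake and are never handed to Apache, while SecReadStateLimit acts on connections Apache has already accepted, so it helps to know which state an IP is piling up in. The function names and the sample addresses below are constructed for illustration.

```shell
#!/bin/sh
# Added example: count TCP sockets per remote IP for one state, reading
# netstat-style lines (proto recv-q send-q local foreign state) on stdin.

# over_limit STATE LIMIT
#   Prints "count ip" for every remote IP holding more than LIMIT sockets
#   in STATE, busiest first. Header and non-TCP lines are ignored.
over_limit() {
    awk -v st="$1" -v lim="$2" '
        $1 ~ /^tcp/ && $6 == st {
            ip = $5
            sub(/:[^:]*$/, "", ip)     # drop the trailing :port
            sub(/^::ffff:/, "", ip)    # fold IPv4-mapped IPv6 peers into IPv4
            n[ip]++
        }
        END { for (ip in n) if (n[ip] > lim + 0) print n[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample input (documentation address ranges, not real hosts).
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 203.0.113.5:80 192.0.2.10:63121 SYN_RECV
tcp 0 0 203.0.113.5:80 192.0.2.10:64673 SYN_RECV
tcp 0 0 203.0.113.5:80 192.0.2.10:64674 SYN_RECV
tcp 0 0 203.0.113.5:80 192.0.2.10:51000 ESTABLISHED
tcp 0 0 203.0.113.5:80 198.51.100.7:40000 SYN_RECV
tcp 0 0 203.0.113.5:80 198.51.100.7:40001 ESTABLISHED
tcp 0 0 203.0.113.5:80 198.51.100.7:40002 ESTABLISHED
tcp6 0 0 ::ffff:203.0.113.5:80 ::ffff:192.0.2.10:52000 SYN_RECV
EOF
}

# Half-open sockets per IP above a threshold of 2 in the sample.
sample_netstat | over_limit SYN_RECV 2
```

On a live server the same function can be fed from `netstat -tn`, for example `netstat -tn | over_limit SYN_RECV 10`.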
     
  7. ravi9

  8. Bidi

    Ravi, I will try it. Sorry guys for not answering, but my father died in December and since then my mom is losing her mind.
     
  9. xbaha

    Hi,
    Sorry to jump in a year later, hope you're still around...
    I was looking for such a solution also, but I only want it to limit concurrent HTTP POST requests per IP per second (if HTTP GET, then allow unlimited sim connections). Is there a way to do that?

    Thanks.
     
  10. quizknows

    I'm not aware of a way to restrict the SecReadStateLimit to certain request methods, but I'll take a look at it.
     