Silly simple mysql question - Limit connections on a per account basis?

With the cPanel system, is there a away to limit the number of hits to MySQL that a specific hosting account can place on the system.

For example, I imagine this could be done by putting up a special my.cnf file in the vsites /etc directory with just this line in it:

max_connections = 25

Then that vsite's my.cnf file and any statements therein would override the global, server-wide my.cnf file. Is this true? Am I on the right track here?

Thanks much!

 

Thanks cpanelkenneth, the link you sent does indeed address my question. I was just hoping it would have been as simple as poping a custom my.cnf file in the vsites own /etc directory.

 

Thanks for the suggestions and further input.

What this request comes out of is a need to limit the hit that one particular (large) WordPress built site has on one of our servers. Regular "human" usage during regular peak hours is fine, but every once and a while they get hit by a kazillion web bots, or one extremely persistent bot that ends up killing the server, usually taking the load average up beyond 70 until we either start firewalling individual IP addresses or reboot.

I've tried using mod_bandwidth, taking limit down really low, as well as various mod_security bot blocking rules but nothing seems to help. During one of the big load hits, that is if I can get into shell at all to do this, I view the mysql process list and it's page and page after page of listed processes for this account, usually occurring very late at night, and again, it is apparent that these are search engine and other bots doing this, apparent that is from what is showing up in their account apache access log after such an event.

So my idea was to limit the number of possible simultaneous MySQL processes just to keep the server up, but doing the MySQL limit just for this one account.

 

Regarding mod_evasive. Yes, but we really have not found this to be a very useful tool. For one thing, this only looks at the entire server as opposed to the ability to set up different settings for individual accounts (correct me if I'm wrong here.)

Also, I've noticed in the past, that by the time I get the mod_evasive settings down to something that would control massive bot hits, people start complaining that not all of their graphics are loading, i.e. on web pages that sport dozens of thumbnails, etc.

--------------

Yes, I have plenty of mod_security rules set up to fend off the bots, the problem is that there are new, formerly unheard of bots raking the server all the time. Also, for some bizzare reason some bots like the Twiceler bot seem to be able to avoid being impeeded by any mod_security rule we put up.

--------------

And yes, we sit there and block IP addresses in the firewall when all else fails, but this is a tedeous cure (if even that) rather than any sort of prevention.

--------------

What you said in the last paragraph is probably the most likely about being DIGGed.

Thanks for your response.