HTTP request flood mitigation

In a recent article, we saw how we can use a load-balancer as a first row of defense against DDOS. The purpose of the present article to provide a configuration to protect your applications against HTTP request flood. The configuration below allows only 10 requests...

Web traffic limitation

Synopsis For different reason, we may want to limit the number of connections or the number of requests we allow to a web farm. In example: give more capacity to authenticated users compared to anonymous one limit web farm users per virtualhost protect your website...

Protect Apache against “apache killer” script

What is Apache killer? Apache killer is a script which aims to exploit an Apache Vulnerability. Basically, it makes Apache to fill up the /tmp directory which makes the webserver unstable. Who is concerned? Anybody running a website on Apache. The Apache announce How...