Rule of thumb for settings anti-DOS parameters in Apache for web appHow to best defend against a “slowloris” DOS attack against an Apache web server?Apache: What is the best anti Denial of Service module and caching combination for a penny auction site?How to make a certain web app on Apache server to use different proxy for downloading?Apache problems in performance test with mod_reqtimeoutCyclos4 - Apache as frontend for a Tomcat appnginx reverse proxy for Apache and a Node appReducing Apache Memory usage and Average Process Size Valuesnort rule for rdp dos attackApache case Insensitive mod_rewrite for single ruleHardening TLS web server Apache settings

How to get cool night-vision without lame drawbacks?

Should developer taking test phones home or put in office?

Can ADFS connect to other SSO services?

Hand soldering SMD 1206 components

Underbar nabla symbol doesn't work

Cascading Repair Costs following Blown Head Gasket on a 2004 Subaru Outback

C-152 carb heat on before landing in hot weather?

Has there been any indication at all that further negotiation between the UK and EU is possible?

Why did pressing the joystick button spit out keypresses?

Find the probability that the 8th woman to appear is in 17th position.

What reason would an alien civilization have for building a Dyson Sphere (or Swarm) if cheap Nuclear fusion is available?

Is a single radon-daughter atom in air a solid?

Are there any efficient algorithms to solve longest path problem in networks with cycles?

How does a blind passenger not die, if driver becomes unconscious

Why doesn't a marching band have strings?

Why do textbooks often include the solutions to odd or even numbered problems but not both?

Intuition for capacitors in series

3D Crossword, Cryptic, Statue View & Maze

How much will studying magic in an academy cost?

In the Marvel universe, can a human have a baby with any non-human?

Is there a way to split the metadata to custom folders?

What's currently blocking the construction of the wall between Mexico and the US?

What does "play with your toy’s toys" mean?

How can I politely work my way around not liking coffee or beer when it comes to professional networking?



Rule of thumb for settings anti-DOS parameters in Apache for web app


How to best defend against a “slowloris” DOS attack against an Apache web server?Apache: What is the best anti Denial of Service module and caching combination for a penny auction site?How to make a certain web app on Apache server to use different proxy for downloading?Apache problems in performance test with mod_reqtimeoutCyclos4 - Apache as frontend for a Tomcat appnginx reverse proxy for Apache and a Node appReducing Apache Memory usage and Average Process Size Valuesnort rule for rdp dos attackApache case Insensitive mod_rewrite for single ruleHardening TLS web server Apache settings






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








0















I have Apache 2.4 running on a Windows 10 server, listening to connections from the Internet. This Apache instance serves an in-house PHP application. The PHP application connects to a local database and feeds data to a few mobile clients in JSON format. The data fed to the clients is mostly textual, but there are some word/excel/other documents as well.



The Apache security guide recommends to set the following parameters to help prevent DOS attacks:



  • KeepAlive

  • KeepAliveTimeout

  • LimitRequestBody

  • LimitRequestFields

  • LimitRequestFieldSize

  • LimitRequestLine

  • LimitXMLRequestBody

  • MaxClients

  • MaxKeepAliveRequests

  • MaxRequestWorkers

  • RequestReadTimeout

  • TimeOut

Considering the above scenario and a maximum number of 50 concurrent users, what would be the optimal settings for the above parameters?






apache-2.4 denial-of-service server-settings







share|improve this question






























    0















    I have Apache 2.4 running on a Windows 10 server, listening to connections from the Internet. This Apache instance serves an in-house PHP application. The PHP application connects to a local database and feeds data to a few mobile clients in JSON format. The data fed to the clients is mostly textual, but there are some word/excel/other documents as well.



    The Apache security guide recommends to set the following parameters to help prevent DOS attacks:



    • KeepAlive

    • KeepAliveTimeout

    • LimitRequestBody

    • LimitRequestFields

    • LimitRequestFieldSize

    • LimitRequestLine

    • LimitXMLRequestBody

    • MaxClients

    • MaxKeepAliveRequests

    • MaxRequestWorkers

    • RequestReadTimeout

    • TimeOut

    Considering the above scenario and a maximum number of 50 concurrent users, what would be the optimal settings for the above parameters?






    apache-2.4 denial-of-service server-settings







    share|improve this question


























      0












      0








      0








      I have Apache 2.4 running on a Windows 10 server, listening to connections from the Internet. This Apache instance serves an in-house PHP application. The PHP application connects to a local database and feeds data to a few mobile clients in JSON format. The data fed to the clients is mostly textual, but there are some word/excel/other documents as well.



      The Apache security guide recommends to set the following parameters to help prevent DOS attacks:



      • KeepAlive

      • KeepAliveTimeout

      • LimitRequestBody

      • LimitRequestFields

      • LimitRequestFieldSize

      • LimitRequestLine

      • LimitXMLRequestBody

      • MaxClients

      • MaxKeepAliveRequests

      • MaxRequestWorkers

      • RequestReadTimeout

      • TimeOut

      Considering the above scenario and a maximum number of 50 concurrent users, what would be the optimal settings for the above parameters?






      apache-2.4 denial-of-service server-settings







      share|improve this question
















      I have Apache 2.4 running on a Windows 10 server, listening to connections from the Internet. This Apache instance serves an in-house PHP application. The PHP application connects to a local database and feeds data to a few mobile clients in JSON format. The data fed to the clients is mostly textual, but there are some word/excel/other documents as well.



      The Apache security guide recommends to set the following parameters to help prevent DOS attacks:



      • KeepAlive

      • KeepAliveTimeout

      • LimitRequestBody

      • LimitRequestFields

      • LimitRequestFieldSize

      • LimitRequestLine

      • LimitXMLRequestBody

      • MaxClients

      • MaxKeepAliveRequests

      • MaxRequestWorkers

      • RequestReadTimeout

      • TimeOut

      Considering the above scenario and a maximum number of 50 concurrent users, what would be the optimal settings for the above parameters?






      apache-2.4 denial-of-service server-settings




      apache-2.4 denial-of-service server-settings






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Jun 6 at 20:44









      kubanczyk

      10.9k4 gold badges30 silver badges46 bronze badges




      10.9k4 gold badges30 silver badges46 bronze badges










      asked Jun 6 at 19:41









      SteveSteve

      1114 bronze badges




      1114 bronze badges




















          0






          active

          oldest

          votes














          Your Answer








          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "2"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader:
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          ,
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );













          draft saved

          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f970446%2frule-of-thumb-for-settings-anti-dos-parameters-in-apache-for-web-app%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes















          draft saved

          draft discarded
















































          Thanks for contributing an answer to Server Fault!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid


          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.

          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f970446%2frule-of-thumb-for-settings-anti-dos-parameters-in-apache-for-web-app%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Club Baloncesto Breogán Índice Historia | Pavillón | Nome | O Breogán na cultura popular | Xogadores | Adestradores | Presidentes | Palmarés | Historial | Líderes | Notas | Véxase tamén | Menú de navegacióncbbreogan.galCadroGuía oficial da ACB 2009-10, páxina 201Guía oficial ACB 1992, páxina 183. Editorial DB.É de 6.500 espectadores sentados axeitándose á última normativa"Estudiantes Junior, entre as mellores canteiras"o orixinalHemeroteca El Mundo Deportivo, 16 setembro de 1970, páxina 12Historia do BreogánAlfredo Pérez, o último canoneiroHistoria C.B. BreogánHemeroteca de El Mundo DeportivoJimmy Wright, norteamericano do Breogán deixará Lugo por ameazas de morteResultados de Breogán en 1986-87Resultados de Breogán en 1990-91Ficha de Velimir Perasović en acb.comResultados de Breogán en 1994-95Breogán arrasa al Barça. "El Mundo Deportivo", 27 de setembro de 1999, páxina 58CB Breogán - FC BarcelonaA FEB invita a participar nunha nova Liga EuropeaCharlie Bell na prensa estatalMáximos anotadores 2005Tempada 2005-06 : Tódolos Xogadores da Xornada""Non quero pensar nunha man negra, mais pregúntome que está a pasar""o orixinalRaúl López, orgulloso dos xogadores, presume da boa saúde económica do BreogánJulio González confirma que cesa como presidente del BreogánHomenaxe a Lisardo GómezA tempada do rexurdimento celesteEntrevista a Lisardo GómezEl COB dinamita el Pazo para forzar el quinto (69-73)Cafés Candelas, patrocinador del CB Breogán"Suso Lázare, novo presidente do Breogán"o orixinalCafés Candelas Breogán firma el mayor triunfo de la historiaEl Breogán realizará 17 homenajes por su cincuenta aniversario"O Breogán honra ao seu fundador e primeiro presidente"o orixinalMiguel Giao recibiu a homenaxe do PazoHomenaxe aos primeiros gladiadores celestesO home que nos amosa como ver o Breo co corazónTita Franco será homenaxeada polos #50anosdeBreoJulio Vila recibirá unha homenaxe in memoriam polos #50anosdeBreo"O Breogán homenaxeará aos seus aboados máis veteráns"Pechada ovación a «Capi» Sanmartín e Ricardo «Corazón de González»Homenaxe por décadas de informaciónPaco García volve ao Pazo con motivo do 50 aniversario"Resultados y clasificaciones""O Cafés Candelas Breogán, campión da Copa Princesa""O Cafés Candelas Breogán, equipo ACB"C.B. Breogán"Proxecto social"o orixinal"Centros asociados"o orixinalFicha en imdb.comMario Camus trata la recuperación del amor en 'La vieja música', su última película"Páxina web oficial""Club Baloncesto Breogán""C. B. Breogán S.A.D."eehttp://www.fegaba.com

          Image
          Barça LassaBAXI ManresaCafés Candelas BreogánDelteco GBCDivina Seguros JoventutHerbalife Gran CanariaIberostar TenerifeKirolbet BaskoniaMonbus ObradoiroMontakit FuenlabradaMoraBanc AndorraMovistar EstudiantesReal MadridSan Pablo BurgosTecnyconta ZaragozaUCAM MurciaUnicajaValencia Basket Club Baloncesto Breogán baloncestoLugoGalicia1966JuanJosé Ramón Varela Portasmáxima categoría1970competicións europeasLiga ACBPavillón MunicipalPazo dos DeportesJesús Lázareliga EBAClub Estudiantes1965Lugobaloncestosegunda divisiónJosé RamónJuan Varela-Portas y Pardo1966Celestino Fernández de la Vega196869primeira divisiónZaragozaprimeira divisiónReal MadridJoventutEstudiantes19701971máxima categoría estatal11 de outubro1970Palacio dos DeportesLugoTenerifeMadridReal MadridAlfredo PérezBreogán19711972TenerifeMadridvascocatalánAlfredo PérezespañolMadridLugoManresa La Casera19741975As...
          Read more

          Vilaño, A Laracha Índice Patrimonio | Lugares e parroquias | Véxase tamén | Menú de navegación43°14′52″N 8°36′03″O / 43.24775, -8.60070

          Image
          Parroquias da LarachaParroquias de Galicia baixo a advocación de Santiago o Maior coruñésLarachacomarca de BergantiñosIGE20131999castro de Montesclarospoboado castrexoidade de ferroromanización de Galiciamiliariopazo de Montesclarosséculo XIXAmboadeA AreosaA BarreiraBos AiresA BoticaAs Brañas da ViñaAs BrañasBusteloOs CanedosFerreirosAs FervenzasA Fonte da CanleO FormigueiroFornelosA FragaFragundeGravidoA LamelaMarfuloOs MeánsMontes ClarosA PanelaO PazoQuintánsRibelaSamiroO SeixoA TelleiraVilañoVilanovaA ViñaVista AlegreCabovilaño (San Román)Caión (Santa María do Socorro)Coiro (San Xián)Erboedo (Santa María)Golmar (San Bieito)Lemaio (Santa Mariña)Lendo (San Xián)Lestón (San Martiño)Montemaior (Santa María Madanela)Soandres (San Pedro)Soutullo (Santa María)Torás (Santa María)Vilaño (Santiago) Vilaño, A Laracha Na Galipedia, a Wi...
          Read more

          Cegueira Índice Epidemioloxía | Deficiencia visual | Tipos de cegueira | Principais causas de cegueira | Tratamento | Técnicas de adaptación e axudas | Vida dos cegos | Primeiros auxilios | Crenzas respecto das persoas cegas | Crenzas das persoas cegas | O neno deficiente visual | Aspectos psicolóxicos da cegueira | Notas | Véxase tamén | Menú de navegación54.054.154.436928256blindnessDicionario da Real Academia GalegaPortal das Palabras"International Standards: Visual Standards — Aspects and Ranges of Vision Loss with Emphasis on Population Surveys.""Visual impairment and blindness""Presentan un plan para previr a cegueira"o orixinalACCDV Associació Catalana de Cecs i Disminuïts Visuals - PMFTrachoma"Effect of gene therapy on visual function in Leber's congenital amaurosis"1844137110.1056/NEJMoa0802268Cans guía - os mellores amigos dos cegosArquivadoEscola de cans guía para cegos en Mortágua, PortugalArquivado"Tecnología para ciegos y deficientes visuales. Recopilación de recursos gratuitos en la Red""Colorino""‘COL.diesis’, escuchar los sonidos del color""COL.diesis: Transforming Colour into Melody and Implementing the Result in a Colour Sensor Device"o orixinal"Sistema de desarrollo de sinestesia color-sonido para invidentes utilizando un protocolo de audio""Enseñanza táctil - geometría y color. Juegos didácticos para niños ciegos y videntes""Sistema Constanz"L'ocupació laboral dels cecs a l'Estat espanyol està pràcticament equiparada a la de les persones amb visió, entrevista amb Pedro ZuritaONCE (Organización Nacional de Cegos de España)Prevención da cegueiraDescrición de deficiencias visuais (Disc@pnet)Braillín, un boneco atractivo para calquera neno, con ou sen discapacidade, que permite familiarizarse co sistema de escritura e lectura brailleAxudas Técnicas36838ID00897494007150-90057129528256DOID:1432HP:0000618D001766C10.597.751.941.162C97109C0155020

          Image
          OftalmoloxíaDiscapacidade sentidovistaNorteaméricaEuropaollopaíses en vías de desenvolvementopaíses desenvolvidos2014Organización Mundial da SaúdeGaliciaretinopatía diabéticaglaucomaresto visualagudeza visualcampo visualterapia xénicaretinavirus do arrefriado comúncanadestradoséculo XIXLouis Brailleteclado brailleescáneresrecoñecemento óptico de caractereslectores de pantallacorsinestesiafrauta doceamareloclarineteazultamboresvermellopianoverdeSistema Constanzsemáforocans guíaBrailletactosoftwaretactoeuroAvuiséculo XXUnión SoviéticaFranciaItaliaInglaterraNataciónatletismociclismojudoesquífútbol salamontañismoxadrezgoalballsociedademúsicosindixentesprofetassabiosoídotactomúsicarisatactooídolinguaxePiaget (function()var node=document.getElementById("mw-dismissablenotice-anonplace");if(node)node.outerHTML="u003Cdiv class="mw-dismissable-notice"u0...
          Read more