[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Apache tweak



Ahmed Kamal wrote:
cool plan. Hopefully it should hold against regular release day traffic.
However, on FC6 launch, we were deliberately 'attacked', right? flooders
might deliberately hit the non static pages, are we prepared for that ?
How would everyone feel about limiting the number of connections per /24
network to a reasonable number, a la
iptables -p tcp --syn --dport 80 -m connlimit --connlimit-above 16
--connlimit-mask 24 -j REJECT


The attack thing was never totally confirmed one way or the other and we don't have the logs from last year (we weren't running fedora.redhat.com then) So we're much better prepared this run but it's still difficult to tell exactly what to expect.

   -Mike


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]