apf and dosdeflate

Discussion in 'Linux VPS/Dedicated - General' started by rezag, May 13, 2008.

  1. rezag

    rezag New Member

    Early on in my KH days support set up apf with dos deflate for me, I have been playing around with dos deflate's "NO_OF_CONNECTIONS" to find a good number because I would see that simply replying to a thread (on a vBulletin forum with smilies loading up on the right hand side) could trigger a ban if the number is 100~150. I don't want to keep increasing that number for obvious reasons. Can I make dos deflate more useful or should I look at other tools?
    My second question is about apf itself, monitoring the hosts.deny rules I see many 'good' IPs, those of legitimate users , getting banned. Sometimes I receive emails and IMs from my users asking if my site is down. At least in the case of dos deflate after the ban period is over people can load the site. I guess same question as above, whats the best way to manage apf. I know it has a config file but would appreciate some help with it nevertheless.

    Any ideas, help would be appreciated :)
     
  2. khiltd

    khiltd New Member

    There's mod_evasive--which carries with it the side-benefit of being more easily distinguished from mod_deflate--but ultimately, if legitimate page loads can be expected to result in hundreds of subrequests on a regular basis, you're going to have to keep those thresholds high to avoid false positives.
     
  3. rezag

    rezag New Member

    Thanx, I will look at it and may ditch apf (and dos deflate)

    In the meanwhile any ideas on apf config itself? Its easy to play around around with dos deflate but even searching online doesn't help much in finding ways to make apf less restrictive.
     

Share This Page