I tried mod_qos on an httpd-2.2.8, and found very poor performance. The server was previously handling maybe 2000 requests per minute over 2000 IPs without mod_qos and was 97% idle.
With mod_qos it was 100% busy and the requests were bring processed without error, but so slowly all 4096 slots filled up almost immediately and I could no longer even go to server-status.
it was difficult for me to debug where the slowdown originated but I'm wondering if perhaps it was regular expression matching headers?
or some function of the larger working set of IP addresses vs a test environment?
my config looked like:
SetEnvIf Remote_Addr 192.168.1.30 QS_VipRequest=yes
# restricts max concurrent requests for any location which has no
# individual rule:
#QS_LocRequestLimitMatch "^/r0/download.*" 30
# allows the application to nominate VIP users by sending a
# "mod-qos-vip" HTTP response header:
# set this header to VIP someone
# limits the connections for this virtual host:
# allows keep-alive support till the server reaches 600 connections:
# allows max 20 connections from a single ip address:
# disables connection restrictions for certain clients:
QS_SetEnvStatus 503 QS_Block
QS_ClientEventBlockCount 20 600
# don't allow a client IP to access /app/start.html 20 or
# more times within 10 minutes:
#SetEnvIf Request_URI /about QS_Block=yes
# don't allow more than 20 "403" status code responses
# (forbidden) for a client withn 10 minutes:
#QS_SetEnvStatus 403 QS_Block
By the way, I could not get "error pages" to work where an IP was blocked due to QS_Block.
The IP would get internal server error 500s instead of any custom error page.