We started using mod_evasive on our Apache Servers to mitigate DDOS attacks.
This works fine, except for awstats. It seems that the high number of image
fetches on some pages trigger mod_evasive's limits on fetches of a single item
and/or total fetches from the site.
Expires headers with far-future expirations greatly reduce the number of image
fetches, and solve the problem of using mod_evasive with awstats.
Unfortunately, because of the way that awstats serves images (via index.php),
it is difficult to apply expires headers just to image files.
A simple mod to awstats-config.php causes .png files to be served with an
expires header with a date one year in the future:
else //if it is a png, output appropriate header
// paul's mod starts here
$extime = time() + 31536000; // one year in the future
$exstr = gmdate( "D, j M Y H:i:s GMT", $extime );
header("Expires: $exstr" );
// end of paul's mod
//output the file
Yes... I tried to find a set of parameters for mod_evasive that would allow
awstats to work. However, if you make them too generous, then there's no point
in running mod_evasive.
Loads of some awstats pages result in over 60 http requests. The mod described
above reduces that to about half a dozen.
Log in to post a comment.