QS_SrvMaxConnPerIP and higher connections limit for specific addresses

Quality of service module for Apache httpd

Brought to you by: pbuchbinder

QS_SrvMaxConnPerIP and higher connections limit for specific addresses

Forum: Open Discussion

Created: 2018-01-31

Updated: 2018-02-19

Piotr - 2018-01-31

Hi, I use QS_SrvMaxConnPerIP in my configuration, but I would like to allow more connections to some IP addresses. I cannot use QS_SrvMaxConnExcludeIP for them, because I just need to use higher limit and this option allow to make unlimited connections. Any ideas how to do it? Thank you!

Developers, thank you very much for this amazing module! :)

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Pascal Buchbinder - 2018-01-31

It's (currently) not possible by using mod_qos only as it features this single connection counter only. But if you are using mod_security as well, you could try configure one limit by using mod_qos's QS_SrvMaxConnPerIP directive and the other limit by using mod_security's SecConnReadStateLimit directive.

something like this:

QS_SrvMaxConnPerIP 20 QS_SrvMaxConnExcludeIP 127.0.0.1 SecConnReadStateLimit 30 "@ipMatch 127.0.0.1"
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Pascal Buchbinder - 2018-02-01
  
  maybe mod_security even allows you to configure SecConnReadStateLimit multiple times with different thresholds for different IP addresses - I don't know but it might be worth trying it.
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Piotr - 2018-02-19

Thank you so much for this solution. It works not bad, but mod_security doesn't block connections, like mod_qos does. However, thank you for your answer and all updates. Mod_qos is my favourite Apache module ;)

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.