A.J. A.J.

Thanks for the reply. My aggressive solution is based on the behavior of some overly-aggressive spiders. I've excluded static resources like images, so the idea is to enforce a reasonable rate on all other requests to my application (30 requests within 2 seconds). I indeed made a typo in my rules: the 20 should be 30 instead. So that explains why I saw log messages related to the "RepeatedlySlow" rule without first seeing "SlowRequest" entries. However, it's still a mystery why that rule was being...

First, thank you very much for creating this very useful module! My issue is that legitimate spiders like Googlebot are being blocked by mod_qos, even if the number of requests they send is well below the limit I've set. Here are my rules, which are based on your suggestions for some basic DOS protection: # Allows max 100 connections from a single ip address: QS_SrvMaxConnPerIP 100 # Don't allow a client IP to access a "handler" (not a static resource like # a jpg, gif, ..) more than 30 times within...