this morning i started to see this message in my error log file:
[Tue Sep 15 09:38:33 2015] [error] mod_qos(034): access denied, QS_SrvMinDataRate rule (enforce keep-alive), c=xxx.xxx.xxx.xxx
previously when i was using the free version of virtuamin, i had my mod_qos set up like this:
<IfModule mod_qos.c> QS_LocRequestLimitMatch ^/wp-login.php 3 QS_LocRequestPerSecLimitMatch ^/wp-login.php 1 # handles connections from up to 100000 different IPs QS_ClientEntries 100000 # will allow only 50 connections per IP QS_SrvMaxConnPerIP 20 # maximum number of active TCP connections is limited to 256 MaxClients 256 # disables keep-alive when 70% of the TCP connections are occupied: QS_SrvMaxConnClose 70% # minimum request/response speed (deny slow clients blocking the server, ie. slowloris keeping connections open without requesting anything): QS_SrvMinDataRate 150 1200 # and limit request header and body (carefull, that limits uploads and post requests too): # LimitRequestFields 30 # QS_LimitRequestBody 102400 ## 2014-03-27 added as per forum post: ## http://sourceforge.net/p/mod-qos/discussion/697421/thread/057e5cd5/ SetEnvIf Request_URI /wp-login.php QS_Limit QS_ClientEventLimitCount 20 300 </IfModule>
since then, i upgraded to PRO so i could take advantage of the wonderful “Maximum number of processes” and have it set to nine.
the problem was with wordpress as it was attracting a lot of windbreak attempts.
my question: now that i have "max ## of processes’ set in the pro version, should my mod_qos be adjusted? is it wise to use both mod_qos and ‘max number of processes’ ? i believe i had it set a bit too extreme at the time to fend off the attacks.