hello -
this morning i started to see this message in my error log file:
[Tue Sep 15 09:38:33 2015] [error] mod_qos(034): access denied, QS_SrvMinDataRate rule (enforce keep-alive), c=xxx.xxx.xxx.xxx
previously when i was using the free version of virtuamin, i had my mod_qos set up like this:
/etc/httpd/conf.d/mod_qos.conf:
<IfModule mod_qos.c>
QS_LocRequestLimitMatch ^/wp-login.php 3
QS_LocRequestPerSecLimitMatch ^/wp-login.php 1
# handles connections from up to 100000 different IPs
QS_ClientEntries 100000
# will allow only 50 connections per IP
QS_SrvMaxConnPerIP 20
# maximum number of active TCP connections is limited to 256
MaxClients 256
# disables keep-alive when 70% of the TCP connections are occupied:
QS_SrvMaxConnClose 70%
# minimum request/response speed (deny slow clients blocking the server, ie. slowloris keeping connections open without requesting anything):
QS_SrvMinDataRate 150 1200
# and limit request header and body (carefull, that limits uploads and post requests too):
# LimitRequestFields 30
# QS_LimitRequestBody 102400
## 2014-03-27 added as per forum post:
## http://sourceforge.net/p/mod-qos/discussion/697421/thread/057e5cd5/
SetEnvIf Request_URI /wp-login.php QS_Limit
QS_ClientEventLimitCount 20 300
</IfModule>
since then, i upgraded to PRO so i could take advantage of the wonderful “Maximum number of processes” and have it set to nine.
the problem was with wordpress as it was attracting a lot of windbreak attempts.
my question: now that i have "max ## of processes’ set in the pro version, should my mod_qos be adjusted? is it wise to use both mod_qos and ‘max number of processes’ ? i believe i had it set a bit too extreme at the time to fend off the attacks.
thank you.