mod_status equivalent?
- Thread starter Da-Idiot
- Start date
I used mod_status for monitoring in real time the actual urls being requested and sent. As well as the ip address that requests are coming from and being sent to.
I can also set the program that relies on this to send out threshold alarms to email or pager.
This would be an awesome add-on for lsws if not already attainable.
I can also set the program that relies on this to send out threshold alarms to email or pager.
This would be an awesome add-on for lsws if not already attainable.
Yes, it looks cool.
If you are using scripts to detect possible attack based those information, it is not a good choice at all.
We have built-in anti-attack features to fend off attacks. Just relax.
Have you read this and adjust your configuration according?
http://www.litespeedtech.com/docs/HowTo_QA.html#qa_dos
If you are using scripts to detect possible attack based those information, it is not a good choice at all.
We have built-in anti-attack features to fend off attacks. Just relax.
Have you read this and adjust your configuration according?
http://www.litespeedtech.com/docs/HowTo_QA.html#qa_dos
ok thanx for the info on the settings.
I have set them all to the minimum needed and can sleep well tonight
Is there a feature so that the webmaster can be emailed if the limits are reached and suspiscious activity is taking place. This would be a great feature for future release if it is not already there.
thanx
I have set them all to the minimum needed and can sleep well tonight
Is there a feature so that the webmaster can be emailed if the limits are reached and suspiscious activity is taking place. This would be a great feature for future release if it is not already there.
thanx
Those activities are logged in the error log. just check the log file once for a while. Most time you don't need to any thing, as those are taken care of by server itself unless the attacker is not frustrated and keep doing that, then you can block them at firewall level.
We will add a option to send email notification when we further improve the anti-attack engine. With current engine, you may receive too many alerts when it happens.
If your sites got attacked a lot, and current litespeed can not feed off those attack very well, please send us more information about the attack, if you can figure out the pattern of the attack.
We will add a option to send email notification when we further improve the anti-attack engine. With current engine, you may receive too many alerts when it happens.
If your sites got attacked a lot, and current litespeed can not feed off those attack very well, please send us more information about the attack, if you can figure out the pattern of the attack.