More abuse prevention features

#1
Hello, I think Litespeed has already many good security features built in, yet there are a couple of things that I would love to see implemented.
This would be all I need to leave Apache for good.
These features are provided in mod_evasive and mod_cband for Apache, but having them integrated into the webserver would be a different thing, really much better in terms of maintainability and troubleshooting.

1) Ban an IP address after a certain number of requests in a custom time window. For example, ban an IP if it does more than 20 requests in 5 seconds.

2) Ban (or trigger a redirect, or show a custom page) an IP address if it downloads a user-definable amount of data in a certain time frame. For example, ban an IP address if it downloads more than 200MB in 24 hours.

Obviously these rules could be improved in many ways: running a shell script when they are triggered or the possibility to define multiple rules of each kind on a vhost basis are just two of them.

Will these features ever appear in Litespeed? Is there an ETA? Even if only for the enterprise version that would be a great thing, IMHO.

Regards,
-Mark
 

mistwang

LiteSpeed Staff
#2
Thanks for the feature requests.

For 1), please check our Anti-DDoS feature: http://www.litespeedtech.com/how-tos.html#qa_dos

Not exactly the same, but pretty useful as well. Some of them are only available to Enterprise. We will improve that.

For 2), we have no plan to implement this yet; the statistics data may get lost when the server restarts if it has not been stored in persistent storage. I think it is better to implement it with a download manager script along with a log analyzer and a DB. It is a little too much to implement internally within the web server.
 
#3
Thanks for your suggestions.
Indeed, after giving it some thought, I agree that putting logs in a database should be the way to go.
Having it built into the server would allow for better performance, yet the overhead of parsing logs into a database and running queries shouldn't be too much of an issue.
You are also completely right on the issue of data persistence.
Thanks for your time.

Regards,
-Mark
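
The log-analyzer-plus-database approach the thread settles on for rule 2), as an added example that is not part of the original posts and is not LiteSpeed code. It assumes the access log is in the Apache common/combined format and that 200MB means 200 * 10^6 bytes; the table layout, function names and sample log lines are constructed for illustration.

```python
import re
import sqlite3
from datetime import datetime, timedelta

# Assumed format (common/combined): ip ident user [time] "request" status bytes
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" (\d{3}) (\d+|-)')

# Constructed sample lines using documentation addresses, not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:08:00:00 +0000] "GET /iso/a.iso HTTP/1.1" 200 150000000
203.0.113.7 - - [10/Mar/2024:20:30:00 +0000] "GET /iso/b.iso HTTP/1.1" 200 90000000
198.51.100.4 - - [10/Mar/2024:09:15:00 +0000] "GET /index.html HTTP/1.1" 200 5120
198.51.100.4 - - [10/Mar/2024:09:15:02 +0000] "GET /missing HTTP/1.1" 404 -
203.0.113.7 - - [08/Mar/2024:08:00:00 +0000] "GET /iso/old.iso HTTP/1.1" 200 500000000
this line is malformed and must be skipped
"""

def open_db(path=":memory:"):
    """Pass a file path in real use so the totals survive a server restart."""
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS hits (ip TEXT, ts INTEGER, bytes INTEGER)")
    db.execute("CREATE INDEX IF NOT EXISTS hits_ip_ts ON hits (ip, ts)")
    return db

def load_log(db, text):
    """Parse log lines into the table; return how many rows were stored."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the import
        ip, stamp, _status, size = m.groups()
        ts = int(datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z").timestamp())
        rows.append((ip, ts, 0 if size == "-" else int(size)))  # "-" means no body
    db.executemany("INSERT INTO hits VALUES (?, ?, ?)", rows)
    db.commit()
    return len(rows)

def over_quota(db, now, limit_bytes=200 * 10**6, window=timedelta(hours=24)):
    """Return [(ip, total_bytes)] for IPs above limit_bytes inside the window."""
    since = int((now - window).timestamp())
    return db.execute(
        "SELECT ip, SUM(bytes) FROM hits WHERE ts > ? AND ts <= ? "
        "GROUP BY ip HAVING SUM(bytes) > ? ORDER BY SUM(bytes) DESC",
        (since, int(now.timestamp()), limit_bytes),
    ).fetchall()
```

The list returned by `over_quota` is what a periodic job would hand to whatever performs the ban or redirect; that enforcement step is outside this example.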
 