Dear David,

Thank you for your kindly and quick reply.

I am sorry that I thought the limitipconn module would totally prevent
the DoS attacker from connecting to TCP 80 port.

BTW, I am not sure how Apache and its DSOs work internally. But I
wonder whether there is a way to achieve the result I expected? If it
cannot done inside Apache or its DSOs, maybe it can be done by adding
a rule to the system iptables?

Thank you for your wonderful mod_limitipconn; hope it can be
integrated to Apache trunk soon.

On Thu, Jul 17, 2008 at 12:18 AM, David Jao <djao@(protected):
> If you are getting 503 responses then it looks like the module is working.
> The module does not limit connections, because that would be impossible --
> a user has to connect to your web server before the module can even see the
> user. The module does limit responses if there are too many connections,
> and that is what you are seeing.

--
Yours Truly,
James Z. Snell

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@(protected)
 "  from the digest: users-digest-unsubscribe@(protected)
For additional commands, e-mail: users-help@(protected)