我尝试安装modsecurity 2.9.1,但它似乎不能用于dos保护,我通过ab工具测试,测试如下:
ab -r -k -n50 -c20 -H "User-Agent: test by George“"http://api.domain.com/test/ab?k1=v10”
但结果是:
Document Path: /test/ab?k1=v10
Document Length: 0 bytes
Concurrency Level: 20
Time taken for tests: 6.202 seconds
Complete requests: 50
Failed requests: 0
Keep-Alive requests: 0
Total transferred: 0 bytes
HTML transferred: 0 bytes
Requests per second: 8.06 [#/sec] (mean)
Time per request: 2480.740 [ms] (mean)
在并发的情况下没有影响。我的modsecurity配置如下:
setvar:'tx.static_extensions=/.jpg/ /.jpeg/ /.png/ /.gif/ /.js/ /.css/ /.ico/',\
setvar:'tx.dos_burst_time_slice=5',\
setvar:'tx.dos_counter_threshold=20',\
setvar:'tx.dos_block_timeout=120'"
有什么想法吗?
发布于 2018-08-16 05:34:25
您的核心规则集/ CRS版本是什么?(您正在使用的DOS规则取自CRS)
https://stackoverflow.com/questions/51857167
复制相似问题