New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
How to limit maximum download speed per IP/remote connection for Apache?
What is the best way to limit the maximum download speed per IP/remote connection in Apache to prevent abusers and miscreants from consuming/wasting excessive bandwidth? I share some files on my website and some miscreants are requesting large files again and again just to waste/consume the bandwidth and since the website is hosted on a high speed server, they are consuming significant bandwidth in short time. I have already banned abusive IPs but every day there are different IPs. Can anyone please help me with this?
Comments
mod_cband
mod_bandwidth also
I guess you could use iptables assuming you are in linux..
Are there any alternatives? AFAIK mod_cband is preferred/has better control options than mod_bandwidth but it can be CPU intensive. And is it compatible with Apache 2.2? I suppose it's not working with Apache 2.4. Is there any other way to achieve this?
How to achieve this using iptables?
There's also mod_bw. Truthfully I've never actually done it, I usually have problems more in line with mod_qos territory myself. Found this though:
http://stackoverflow.com/questions/17009248/limit-bandwidth-per-apache-virtual-host
I am more an ipfw person but I found this, hope it helps:
http://jmuras.com/blog/2012/limit-bandwidth-for-a-service/
@Atomic7 Litespeed handles this and is compatible with Apache configurations
Can mod_qos limit the bandwidth usage? Can this be done using iptables? From what I have read, it's called Linux Traffic Shaping and is not that easy nor the best thing to do, iptables aren't meant for such purpose.
Wouldn't that just throttle the entire connection speed of port 80? I don't want my website to suffer, I just want to throttle the download speed of files.
How can this be done in Litespeed?
@Atomic7 Its a configuration option - http://www.litespeedtech.com/products/litespeed-web-server/features/anti-ddos-advances
This would throttle port 80 per ip address, it sounds like you have more of DDOS kind of issue with the IP's changing. ?
Do such features exist in Apache or can Apache be configured to do this? I am not really keen to replace apache with litespeed. It's not a ddos attack, each download request is valid, but repeated again and again. They are consuming high bandwidth just because of the connection speed.
No, it's not a ddos kind of issue, there are hardly 2 or 3 abusive ips per day but the amount of bandwidth they use is quite significant. These are not concurrent connections, these are repeated connections just to consume the bandwidth. The same large files are requested again and again. Looks like mod_cband is the only solution to this.
@Atomic7 - I have no idea I stopped using Apache years ago. I was sick of the performance problems, the problems using PHP or Python performance.
I have used Litespeed on some pretty large projects (200+ servers) and been very happy with Litespeed's performance. Nginx is another one to look at.
I mentioned Litespeed specifically because it can use Apache configs right off the bat which saves having to change things around, and if you want to revert back to Apache, you just stop Litespeed and start Apache
I would have switched to Nginx long back, but held back because of compatibility issues. I'll definitely consider switching to Litespeed. Thanks for recommending it.
It also looks like some people are just abusing the downloads, so maybe have a captcha before the download and/or generate a special download link that is linked to the IP address.
But what you wanted to do, is really easy in Nginx http://www.nginxtips.com/how-to-limit-nginx-download-speed/
I think I have found the reason for this. My solusvm, ifconfig and log analysis tools are showing different bandwidth stats. I suppose this is due to discrepancies in methods used by different bandwidth monitoring tools. http://docs.cpanel.net/twiki/bin/view/11_30/WHMDocs/BandwidthDiscrepancies
My log analysis tools are showing high bandwidth usage but it's not the actual bandwidth consumed. I think many visitors are using download managers, which is causing this issue. I'll stick to ifconfig for bandwidth monitoring.