Problem with www/mod_cband

mdh mdh_lists at yahoo.com
Fri Oct 17 19:14:20 UTC 2008 

--- On Fri, 10/17/08, Jeremy Chadwick <koitsu at FreeBSD.org> wrote:
> From: Jeremy Chadwick <koitsu at FreeBSD.org>
> Subject: Re: Problem with www/mod_cband
> To: "David Karapetyan" <david.karapetyan at gmail.com>
> Cc: freebsd-questions at freebsd.org, freebsd-ports at freebsd.org
> Date: Friday, October 17, 2008, 1:53 PM
> On Fri, Oct 17, 2008 at 12:57:41PM -0400, David Karapetyan
> wrote:
> > FreeBSD office19.resnet.nd.edu 7.0-RELEASE-p5 FreeBSD
> 7.0-RELEASE-p5 #0: 
> > Wed Oct  1 10:10:12 UTC 2008     
> >
> root at i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC
>  i386
> > 
> > Hello everyone. Every time I try to use the mod_cband
> module in my 
> > apache22 webserver, apache segfaults upon restart.
> Things work fine when 
> > I disable the module from httpd.conf. Is this module
> broken, and if so, 
> > what comparable alternatives are there?
> 
> Be aware that mod_cband has quite a horrible bug.  This is
> a Debian bug
> report, but the same problem applies to FreeBSD.  Be sure
> to read the
> entire bug, not just the original report.
> 
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=418645
> 
> Regarding alternatives: there aren't.  Bandwidth
> limiting is a
> long-standing feature of Apache that's missing, which
> is a huge
> disappointment.
> 
> The best solution I've found on FreeBSD is to use pf(4)
> with ALTQ,
> and give each VirtualHost its own IP address, then
> rate-limit the IP
> address using pf(4).  Yes, I realise this is impractical
> for sites
> which have many vhosts and use name-based virtualhosts.
> 
> Welcome to my world...

IMHO, that solution is considerably sexier than what mod_cband claims to do (having read only pkg-descr).  

It seems possible, however, that mod_cband's functionality could be replicated by a simple script that watches the access log files and makes an update to a .htaccess file for the virtualhost when the virtualhost in question exceeds a given bandwidth limit which would be configured in the script.  Think `tail -f`.  Functionality is handled outside of apache so no danger of crashes.  Just create the .htaccess in such a way that the end-user can't delete/modify it, and have it do a Redirect.  For robustness' sake, move any existing .htaccess file to .htaccess.X and move it back when the virtualhost is back in compliance or paid up or whatever.  

- mdh


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

More information about the freebsd-ports mailing list