ports/138001: New port: www/mod_antiloris Protect Apache 2.x against the Slowloris HTTP DoS attack
Aleksandar Pejic
alex at vts.su.ac.rs
Thu Aug 20 20:20:01 UTC 2009
>Number: 138001
>Category: ports
>Synopsis: New port: www/mod_antiloris Protect Apache 2.x against the Slowloris HTTP DoS attack
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Thu Aug 20 20:20:00 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Aleksandar Pejic
>Release: 7.2-RELEASE
>Organization:
Subotica Tech
>Environment:
FreeBSD release72.localdomain 7.2-RELEASE FreeBSD 7.2-RELEASE #0: Fri May 1 08:49:13 UTC 2009 root at walker.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
>Description:
This module protects Apache 2.x from the Slowloris HTTP DoS attack by
limiting the number of allowed connections.
>How-To-Repeat:
>Fix:
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# mod_antiloris
# mod_antiloris/Makefile
# mod_antiloris/distinfo
# mod_antiloris/pkg-descr
# mod_antiloris/files
# mod_antiloris/files/mod_antiloris.conf.in
# mod_antiloris/files/pkg-message.rules.in
#
echo c - mod_antiloris
mkdir -p mod_antiloris > /dev/null 2>&1
echo x - mod_antiloris/Makefile
sed 's/^X//' >mod_antiloris/Makefile << '3eba2bf8c71e49a5b6f4841102a7df41'
X# New ports collection makefile for: mod_antiloris
X# Date created: 20 August 2009
X# Whom: Aleksandar Pejic <alex at vts.su.ac.rs>
X#
X# $FreeBSD$
X#
X
XPORTNAME= mod_antiloris
XPORTVERSION= 0.4
XCATEGORIES= www
XMASTER_SITES= ftp://ftp.monshouwer.eu/pub/linux/mod_antiloris/
X
XMAINTAINER= alex at vts.su.ac.rs
XCOMMENT= Protect Apache 2.x against the Slowloris HTTP DoS attack
X
XMAKE_JOBS_SAFE= yes
X
XUSE_BZIP2= yes
XUSE_APACHE= 20+
XAP_FAST_BUILD= yes
XAP_GENPLIST= yes
XAP_EXTRAS+= -a
XMODULENAME= mod_antiloris
XSRC_FILE= *.c
XSUB_FILES+= mod_antiloris.conf
XSUB_LIST+= APACHEETCDIR="${APACHEETCDIR}"
XWRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}
X
X.if !defined(SKIP_RULES)
XPLIST_FILES+= ${APACHEETCDIR}/Includes/mod_antiloris.conf
XSUB_FILES+= pkg-message.rules
X.endif
X
Xpost-install:
X.if !defined(SKIP_RULES)
X @${INSTALL_DATA} ${WRKDIR}/mod_antiloris.conf ${PREFIX}/${APACHEETCDIR}/Includes/
X @${CAT} ${PKGMESSAGE}
X.endif
X
X.include <bsd.port.mk>
X
3eba2bf8c71e49a5b6f4841102a7df41
echo x - mod_antiloris/distinfo
sed 's/^X//' >mod_antiloris/distinfo << 'b81ca514fd520bc11b930e51a2220218'
XMD5 (mod_antiloris-0.4.tar.bz2) = 66862bf10e9be3a023e475604a28a0b4
XSHA256 (mod_antiloris-0.4.tar.bz2) = 0de8ea7221b120ef8cbb75f7ee5fb4f865c2e079527dbeda59b878860855a15c
XSIZE (mod_antiloris-0.4.tar.bz2) = 2598
X
b81ca514fd520bc11b930e51a2220218
echo x - mod_antiloris/pkg-descr
sed 's/^X//' >mod_antiloris/pkg-descr << 'f8c9107006fa76269b9f54fcd982780b'
XThis module protects Apache 2.x from the Slowloris HTTP DoS attack by
Xlimiting the number of allowed connections.
X
XWWW: http://modules.apache.org/search.php?id=1783
X
f8c9107006fa76269b9f54fcd982780b
echo c - mod_antiloris/files
mkdir -p mod_antiloris/files > /dev/null 2>&1
echo x - mod_antiloris/files/mod_antiloris.conf.in
sed 's/^X//' >mod_antiloris/files/mod_antiloris.conf.in << '08320a5bf137a626c383699d1e2d09d4'
X<IfModule mod_antiloris.c>
X IPReadLimit 5
X</IfModule>
X
08320a5bf137a626c383699d1e2d09d4
echo x - mod_antiloris/files/pkg-message.rules.in
sed 's/^X//' >mod_antiloris/files/pkg-message.rules.in << 'f411788e9048d8b3b46e9971fefc26c0'
X
XThe mod_antiloris configuration file has been installed here:
X
X %%PREFIX%%/%%APACHEETCDIR%%/Includes/mod_antiloris.conf
X
XTo activate the module:
X
X 1. find the line bellow in file %%PREFIX%%/%%APACHEETCDIR%%/httpd.conf,
X remove the hash sign (#) in front of it and save the file
X
X #LoadModule antiloris_module libexec/apache2/mod_antiloris.so
X
X 2. restart your Apache server
X
f411788e9048d8b3b46e9971fefc26c0
exit
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list