Problem with www/mod_cband
mdh_lists at yahoo.com
Fri Oct 17 19:14:20 UTC 2008
--- On Fri, 10/17/08, Jeremy Chadwick <koitsu at FreeBSD.org> wrote:
> From: Jeremy Chadwick <koitsu at FreeBSD.org>
> Subject: Re: Problem with www/mod_cband
> To: "David Karapetyan" <david.karapetyan at gmail.com>
> Cc: freebsd-questions at freebsd.org, freebsd-ports at freebsd.org
> Date: Friday, October 17, 2008, 1:53 PM
> On Fri, Oct 17, 2008 at 12:57:41PM -0400, David Karapetyan
> > FreeBSD office19.resnet.nd.edu 7.0-RELEASE-p5 FreeBSD
> 7.0-RELEASE-p5 #0:
> > Wed Oct 1 10:10:12 UTC 2008
> root at i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC
> > Hello everyone. Every time I try to use the mod_cband
> module in my
> > apache22 webserver, apache segfaults upon restart.
> Things work fine when
> > I disable the module from httpd.conf. Is this module
> broken, and if so,
> > what comparable alternatives are there?
> Be aware that mod_cband has quite a horrible bug. This is
> a Debian bug
> report, but the same problem applies to FreeBSD. Be sure
> to read the
> entire bug, not just the original report.
> Regarding alternatives: there aren't. Bandwidth
> limiting is a
> long-standing feature of Apache that's missing, which
> is a huge
> The best solution I've found on FreeBSD is to use pf(4)
> with ALTQ,
> and give each VirtualHost its own IP address, then
> rate-limit the IP
> address using pf(4). Yes, I realise this is impractical
> for sites
> which have many vhosts and use name-based virtualhosts.
> Welcome to my world...
IMHO, that solution is considerably sexier than what mod_cband claims to do (having read only pkg-descr).
It seems possible, however, that mod_cband's functionality could be replicated by a simple script that watches the access log files and makes an update to a .htaccess file for the virtualhost when the virtualhost in question exceeds a given bandwidth limit which would be configured in the script. Think `tail -f`. Functionality is handled outside of apache so no danger of crashes. Just create the .htaccess in such a way that the end-user can't delete/modify it, and have it do a Redirect. For robustness' sake, move any existing .htaccess file to .htaccess.X and move it back when the virtualhost is back in compliance or paid up or whatever.
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
More information about the freebsd-ports