Its always nice to have extra security surounding the architecture and apps, but for that we will need extra resources that we currently dont have right now, i personally would like to have extra RAM on the proxies. mod_security, is not that light, but its really nice and handy :)

Tweaks that we should do right now, is verify the values in MaxClients and everything regarding the threads (childs), and see if unecessary modules are being loaded or not

At least is my opinion...

On 5/27/07, Damian Myerscough <> wrote:
Yea, it would. However mod_easvie is able to detect if users a
continuously hitting refresh
to consume bandwidth.

mod_evasive is also recommended by Ryan Barnett who is the author of
Preventing Web Attacks with Apache.

Has anyone also thought about deploying mod_security? or is it me just
being paranoid.

I think this would make an excellent topic to talk about in the next meeting?

On 27/05/07, Mike McGrath <> wrote:
> Damian Myerscough wrote:
> > Ok, I guess we can talk more about it after the release of Fedora 7.
> >
> I also have a question about mod_evasive.  Wouldn't it be better/most
> efficient to limit that traffic before it even hits the apache instance?
>     -Mike
> _______________________________________________
> Fedora-infrastructure-list mailing list


Fedora-infrastructure-list mailing list