[users@httpd] mod_proxy_balancer and router_id cookie

[Sylvain <de...@gmail.com>]

Hi !

I have configured mod_proxy_balancer according to documentation.
All works fine, sticky cookie name that I've defined is on the browser.
On the other hand, I've seen that there is another cookie name named
"router_id".
Why is it defined ?
I've searched the source files to find answer but with no luck.

If you have the answer, I hear you :)

Best regards,
Sylvain

Re: [users@httpd] ** MOD_RELEASE ** Apache2.x (mod_fence) Flood/DOS/DDOS Protection + stuck detection

[Rich Bowen <rb...@rcbowen.com>]

Being under the apache license does not imply any relationship with the
Apache Software Foundation. And in the case of mod_evasive there is none.
As far as I can tell, that module has been abandoned for a number of years.

On Dec 5, 2016 11:52 AM, "Stormy" <st...@stormy.ca> wrote:

> At 04:26 PM 12/5/2016 +0100, DaVieS wrote:
>
>> Hi Everyone!
>>
>> As a FullStack I had a very long headache with Apache, especially with
>> crappy and slowly pages, that the PHP stucks (FLOCK() && Session) the
>> processes over-time until the webserver become unavailable meanwhile
>> unfortunately slow pages (1-4 secs) will able to kill the whole webserver
>> with hammering F5 or with external help (with mod_evasive On and/or nginx
>> rate limiting).
>>
>
> On 3 November I posted a question about mod_evasive and here's another
> one. Could someone involved with Apache "background" please advise (on- or
> off-list) if such mods, distributed under the Apache license, have gone
> through any form of QA?
>
> tnx -- paul
>
>
> In the case described before we made a module that only mitigate requests
>> when unfinished jobs remaining in apache and its stopped my headache as
>> well and it is available for public,
>> "Licensed under the Apache License, Version 2.0".
>>
>>
>> (Links below does not contains any advertising)
>>
>> If you are interesting how is it works please visit:
>> https://web-flood-test.npulse.net/
>> If you are interested for source: https://devel.npulse.net/npuls
>> e-public/mod_fence
>> If you are interested for our article about the problem:
>> https://npulse.net/en/apache-php-stuck-session-bug-mod_fence
>> -protection-dos-ddos-protection
>>
>> Feel free to test / use / share and also pull requests are welcome.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

Re: [users@httpd] ** MOD_RELEASE ** Apache2.x (mod_fence) Flood/DOS/DDOS Protection + stuck detection

[Stormy <st...@stormy.ca>]

At 04:26 PM 12/5/2016 +0100, DaVieS wrote:
>Hi Everyone!
>
>As a FullStack I had a very long headache with Apache, especially with 
>crappy and slowly pages, that the PHP stucks (FLOCK() && Session) the 
>processes over-time until the webserver become unavailable meanwhile 
>unfortunately slow pages (1-4 secs) will able to kill the whole webserver 
>with hammering F5 or with external help (with mod_evasive On and/or nginx 
>rate limiting).

On 3 November I posted a question about mod_evasive and here's another one. 
Could someone involved with Apache "background" please advise (on- or 
off-list) if such mods, distributed under the Apache license, have gone 
through any form of QA?

tnx -- paul


>In the case described before we made a module that only mitigate requests 
>when unfinished jobs remaining in apache and its stopped my headache as 
>well and it is available for public,
>"Licensed under the Apache License, Version 2.0".
>
>
>(Links below does not contains any advertising)
>
>If you are interesting how is it works please visit: 
>https://web-flood-test.npulse.net/
>If you are interested for source: 
>https://devel.npulse.net/npulse-public/mod_fence
>If you are interested for our article about the problem: 
>https://npulse.net/en/apache-php-stuck-session-bug-mod_fence-protection-dos-ddos-protection
>
>Feel free to test / use / share and also pull requests are welcome.
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

[users@httpd] ** MOD_RELEASE ** Apache2.x (mod_fence) Flood/DOS/DDOS Protection + stuck detection

[DaVieS <da...@npulse.net>]

Hi Everyone!

As a FullStack I had a very long headache with Apache, especially with 
crappy and slowly pages, that the PHP stucks (FLOCK() && Session) the 
processes over-time until the webserver become unavailable meanwhile 
unfortunately slow pages (1-4 secs) will able to kill the whole 
webserver with hammering F5 or with external help (with mod_evasive On 
and/or nginx rate limiting).

In the case described before we made a module that only mitigate 
requests when unfinished jobs remaining in apache and its stopped my 
headache as well and it is available for public,
"Licensed under the Apache License, Version 2.0".


(Links below does not contains any advertising)

If you are interesting how is it works please visit: 
https://web-flood-test.npulse.net/
If you are interested for source: 
https://devel.npulse.net/npulse-public/mod_fence
If you are interested for our article about the problem: 
https://npulse.net/en/apache-php-stuck-session-bug-mod_fence-protection-dos-ddos-protection

Feel free to test / use / share and also pull requests are welcome.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org