mod_qos

mod_qos is a module for the Apache HTTP Server that implements quality of service (QoS). It provides mechanisms to prioritize requests differently and to control access to resources on a web server.

Description

A web server can only handle a limited number of simultaneous requests. QoS is used to ensure that key resources remain available even under high load, by giving requests to these resources a higher priority than requests to less important ones.

Mod_qos provides various control mechanisms at different levels:

  • Per HTTP request: mod_qos controls the number of simultaneous requests to a namespace (URL). mod_qos may refuse requests for lower-priority resources if that number is too high, so that the web server can continue to work on important requests.
  • At the connection level: mod_qos controls the number of TCP connections to the web server and can, for example, limit the number of connections for a single user.
  • Bandwidth: requests to specific resources can be slowed down so that they do not fully use the available bandwidth.
  • Generic filters can reject invalid requests to a Web server.

The module can be especially helpful in a reverse proxy, where many different resources and applications are accessible via a single access point (a possible bottleneck).

Applications

Slow application


When a single web server provides access to several applications, the behavior of one application may adversely affect the availability of the others. For example, if one application (here, the path /ccc) is very slow, requests to it can pile up and block all connections to the web server. Other applications (here /aaa or /bbb), which would still function properly, are then no longer accessible to users. In such a case, mod_qos can limit the maximum number of simultaneous requests to the slow application, so that the other two applications remain available.

HTTP Keep-Alive

The so-called "Keep-Alive" extension of HTTP 1.1 allows persistent TCP connections between client and server, over which multiple HTTP requests can be performed. This speeds up the loading of a web page in the browser. A disadvantage is that during the waiting times, when no request is being processed, server resources are still blocked. mod_qos allows a server to support keep-alive as long as it has enough free resources, but to disable this function if too many connections to the server are open.

Many requests for the same URL

Mod_qos may limit the number of simultaneous requests to a URL. Further, the maximum number of requests per unit time and the maximum allowable bandwidth can be defined.

mod_qos can help to protect a web server against so-called "low-bandwidth denial of service" attacks. Attackers use programs such as Slowloris or LOIC to try to block a web server by sending only very little data to the server over open TCP connections. mod_qos tries to prevent such connections by closing connections with too little data exchange.
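
The controls described in this section, written as an Apache configuration fragment. This is an added example, not taken from the original article or from the mod_qos project: the directive names are those documented for mod_qos, while the module path and every numeric limit are assumed values chosen for illustration.

```apache
# Added example. All numbers are illustrative assumptions, not recommendations.
# The module path below is an assumption and depends on the installation.
LoadModule qos_module modules/mod_qos.so

# --- Slow application ---
# Cap the number of concurrent requests per location. /ccc is the slow
# application: keeping its cap well below the server's worker limit
# (MaxRequestWorkers) leaves workers free for /aaa and /bbb.
QS_LocRequestLimit        /aaa   100
QS_LocRequestLimit        /bbb   100
QS_LocRequestLimit        /ccc    20

# --- Connection level ---
# Upper bound on concurrent TCP connections to this server.
QS_SrvMaxConn             800
# At most 50 concurrent connections from a single client IP address.
QS_SrvMaxConnPerIP        50

# --- HTTP Keep-Alive ---
# Keep-alive stays available until 600 connections are open;
# above that, connections are closed after each response.
QS_SrvMaxConnClose        600

# --- Many requests for the same URL ---
# Requests per second allowed for the location.
QS_LocRequestPerSecLimit  /aaa   50
# Bandwidth allowed for the location, in kbytes per second.
QS_LocKBytesPerSecLimit   /aaa   5000

# --- Low-bandwidth denial of service ---
# Close connections whose client transfers less than 150 bytes/s.
# The required rate rises towards 1200 bytes/s as the server fills up.
QS_SrvMinDataRate         150 1200
```

Limits of this kind are normally derived from measured traffic: a per-location cap set below normal peak concurrency rejects legitimate requests, and a per-IP connection limit needs headroom for clients that share an address behind a proxy or NAT gateway.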

History

The first version of mod_qos was released in May 2007. The software was published on SourceForge.net as an open-source project. The first version was able to limit the number of parallel requests to predefined resources. Gradually, more features were implemented, and some of them have been used to combat DoS attacks. In 2012, mod_qos was included in the software repository of the Linux distribution Ubuntu.

Major releases:

  • May 2007, Version 1: Limits the number of concurrent requests to resources.
  • July 2007, Version 2.2: The project launched several utilities.
  • August 2007, Version 3: Controls data transfer at the connection level. Web interface for viewing the current status.
  • September 2007, Version 4: Control of bandwidth.
  • December 2007, Version 5: Allows the definition of custom events ("events") and their limitation ("limitation").
  • March 2008, Version 6: Control per client IP address.
  • May 2008, Version 7: Enforces a minimum bandwidth that a client must observe.
  • September 2009, Version 9: Detection of abnormal user behavior.
  • February 2012, Version 10: Support for geolocation.