Skip to main content

mod_ratelimit

Comments

12 comments

  • cPRex Jurassic Moderator

    Hey there! Don't feel bad - I frequently feel dumb as there is just too much information for any single person to know. Can you try the details mentioned in the thread here to see if that helps?

    https://support.cpanel.net/hc/en-us/community/posts/19662323062423

    0
  • WorkinOnIt
    Hello @cPRex Is there some information the explains exactly how mod_ratelimit works? Does it prevent a user hogging resources? And does the link you provided previously still apply:
    0
  • cPRex Jurassic Moderator

    I don't see anything in that older post that wouldn't work well today, since that is all references EA4 paths that are still in use. It *can* prevent a single user hogging resources, but it only tracks bandwidth, not CPU usage or the number of connections to the site. So no, your example with the bots would not be possible with this module. Here's more details about how that can be configured:

    https://httpd.apache.org/docs/2.4/mod/mod_ratelimit.html

    0
  • SimpleSonic
    I don't see anything in that older post that wouldn't work well today, since that is all references EA4 paths that are still in use. It *can* prevent a single user hogging resources, but it only tracks bandwidth, not CPU usage or the number of connections to the site. So no, your example with the bots would not be possible with this module. Here's more details about how that can be configured:
    0
  • WorkinOnIt

    cPRex

    "I don't see anything in that older post..."

    Looks like the mentioned has gotten removed in the forum switch up. 

    Can you re-post that thread link?  And also the info posted after:   

    .... Here's more details about how that can be configured:

     

     

    Cheers

     

    0
  • cPRex Jurassic Moderator

    WorkinOnIt - both links updated!

    1
  • WorkinOnIt

    cPRex

    Thanks. I've installed mod_ratelimit and restarted httpserver  but it's not 100% clear where to add rules.  After googling it seems some user added rules to .htaccess files for specific vhosts - e.g.

    <IfModule ratelimit_module>
    SetOutputFilter RATE_LIMIT
    SetEnv rate-limit 100
    SetEnv rate-initial-burst 200
    </IfModule>

     

    However the aforementioned post seems to indicate the need to configure it via a .conf file in /etc/apache2/conf.d/userdata > but I don't have any conf file in that directory.

    If I want to target one specific vhost / user, where do you suggest the filter should be added?

    0
  • cPRex Jurassic Moderator

    The userdata directory you mentioned is for custom includes.  By default, there wouldn't be anything there, and you'd need to create the directory structure:

    Details on that process can be found here:

    https://docs.cpanel.net/ea4/apache/modify-apache-virtual-hosts-with-include-files/

    but it's just creating the folders/files and then rebuilding and restarting Apache.

    0
  • WorkinOnIt

    Thank you for replying.

    I think I figured out a solution for this use-case. Here is what I have done, what are your thoughts:

    1) easyapache > load mod_ratelimit and mod_env
    2) WHM > Apache config > include editor > pre-virtual hosts and add :
     
    <IfModule mod_ratelimit.c> 
    # 1: specific domain
      <VirtualHost example.com:443>
          <Location />
              SetOutputFilter RATE_LIMIT
              SetEnv rate-limit 512
              SetEnv rate-initial-burst 1024
          </Location>
        </VirtualHost>

    # 2: all other domains
      <VirtualHost _default_:*>
          <Location />
              SetOutputFilter RATE_LIMIT
              SetEnv rate-limit 1024
          </Location>
      </VirtualHost>
    </IfModule>
     
    Test the download speed: 
    curl -o /dev/null -w "Transfer speed: %{speed_download} bytes/sn" example.com
     
    Result:
     

    % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

    Dload  Upload   Total   Spent    Left  Speed

    100  301k    0  301k    0     0   153k 

     
    0
  • cPRex Jurassic Moderator

    Anything you put in pre-virtualhost will affect all domains on the server.  I'm not sure if specifying a specific domain with the ifmodule like you have will work or not, as it's not something we test since there is the other include system in place for per-domain configurations.

    0
  • WorkinOnIt

    I tested it and I seem to be getting correct download rate return for specificdomain.com and the other domains have the slightly higher rate, as expected.

    there is the other include system in place for per-domain configurations.

    Could you elaborate on this?  Do you mean htaccess file?

    0
  • cPRex Jurassic Moderator

    No, the per-domain options you can manually create in /etc/apache2/conf.d/userdata/ssl/2_4/user/domain/includename.conf

    0

Please sign in to leave a comment.