When excluding images with mod_dosdetector, I want dynamic images to be targeted for DoS attack detection.

Asked 2 years ago, Updated 2 years ago, 52 views

I would like to take measures against dos with the apache module mod_dosdetector.

The environment to be applied is the web server where the java servlet is running.

Restricted access is not all access to the server, but
Access to Servlet actions is primary and
Access to image files stored in the image directory on the same server is not considered a DOS attack and should not be restricted.

Therefore, in the DoSIgnoreContentType configuration item of mod_dosdetector,
I'm trying to make it happen.
If you specify a content type, the image is not subject to restriction without any problems.
when accessing Servlet actions If the jsp returned by the action returns an image of the same server to the client,
The access itself is no longer restricted.

Is there any way to deal with this situation?

Thank you for your cooperation.

apache

2022-09-30 14:36

1 Answers

After a quick look at the source code, the context of the DoSDetection directive can be a "directory", so you can do DoSDetection Off with static images.(Unconfirmed) 

<Directory/path/to/static/image/dir>
    DoSDetection Off
</Directory>

2022-09-30 14:36

If you have any answers or tips

Popular Tags
python x 4647
android x 1593
java x 1494
javascript x 1427
c x 927
c++ x 878
ruby-on-rails x 696
php x 692
python3 x 685
html x 656
Popular Questions

547 Who developed the "avformat-59.dll" that comes with FFmpeg?

981 In Java servlet, when SHA-256 sends WW-Authenticate header for digest authentication, the client does not return the result.

549 PHP ssh2_scp_send fails to send files as intended

537 Uncaught (inpromise) Error on Electron: An object could not be cloned

642 /usr/bin/google-chrome:symbol lookup error:/usr/bin/google-chrome: undefined symbol:gbm_bo_get_modifier

© 2024 OneMinuteCode. All rights reserved.