我尝试安装modsecurity 2.9.1,但似乎对dos保护无效,我通过ab工具进行了测试,如下所示:
ab -r -k -n50 -c20 -H“用户代理:由George测试”“ http://api.domain.com/test/ab?k1=v10”
但结果:
Document Path: /test/ab?k1=v10
Document Length: 0 bytes
Concurrency Level: 20
Time taken for tests: 6.202 seconds
Complete requests: 50
Failed requests: 0
Keep-Alive requests: 0
Total transferred: 0 bytes
HTML transferred: 0 bytes
Requests per second: 8.06 [#/sec] (mean)
Time per request: 2480.740 [ms] (mean)
在并发下没有效果。我的modsecurity配置如下:
setvar:'tx.static_extensions=/.jpg/ /.jpeg/ /.png/ /.gif/ /.js/ /.css/ /.ico/',\
setvar:'tx.dos_burst_time_slice=5',\
setvar:'tx.dos_counter_threshold=20',\
setvar:'tx.dos_block_timeout=120'"
有什么想法吗?
答案 0 :(得分:0)
您的核心规则集/ CRS版本是什么? (您使用的DOS规则取自CRS)