[Koha] any recommended best practises for handling DoS / DDoS attacks on Koha?

Chris Cormack chris at bigballofwax.co.nz
Tue Feb 9 01:39:06 NZDT 2016


The easiest way, to stop the machine getting overwhelmed and running
out of RAM, is to restrict the max connections Apache allows to a
level that you can cope with.
This of course won't stop the DoS, because they can still use all
available connections; it will stop the machine crashing though. The
only way to stop a persistent DOS is to drop the traffic at the
firewall.

Hope this helps

Chris

On 8 February 2016 at 23:33, Indranil Das Gupta <indradg at gmail.com> wrote:
> Hi all,
>
> Last night I managed to DoS someone's Koha box accidentally. Of course
> I called up to inform them that they need to restart the services. But
> this set me thinking. Anyone running a crawler against the export
> options in the OPAC can DoS down a stock Koha install running on a
> VPS, by flooding it with too many requests too fast.
>
> What are the usual recommended practises to limit / mitigate / handle
> such cases?
>
> thanks in advance
>
> --
> Indranil Das Gupta
>
> Phone : +91-98300-20971
> Blog    : http://indradg.randomink.org/blog
> IRC      : indradg on irc://irc.freenode.net
> Twitter : indradg

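The connection cap described in the reply above can be sized from memory, shown here as an added example that is not part of the original thread. It assumes the prefork MPM and a worker process named apache2; the function names and all memory figures are constructed for illustration.

```shell
#!/bin/sh
# Added example: derive Apache's connection cap from available RAM.
# All figures are constructed sample values, not measurements from a real host.

# Constructed sample of `ps -C apache2 -o rss=,comm=` output (RSS in KiB).
SAMPLE_PS='
 81920 apache2
 98304 apache2
 90112 apache2
 12288 apache2
'

# Largest worker RSS in MiB, rounded up. Sizing on the largest process, not
# the mean, keeps the cap safe when every worker is serving a heavy request.
peak_worker_mb() {
    awk 'NF >= 2 && $1 ~ /^[0-9]+$/ { if ($1 > max) max = $1 }
         END { if (max == 0) exit 1; print int((max + 1023) / 1024) }'
}

# max_workers TOTAL_MB RESERVED_MB PER_WORKER_MB
# RESERVED_MB is what the OS, the database and other services need.
max_workers() {
    total=$1; reserved=$2; per=$3
    [ "$per" -gt 0 ] || return 1
    avail=$((total - reserved))
    [ "$avail" -gt 0 ] || { echo 1; return 0; }
    n=$((avail / per))
    [ "$n" -ge 1 ] || n=1
    echo "$n"
}

# Emit a prefork fragment (Apache 2.4 names; 2.2 calls the cap MaxClients).
render_mpm_conf() {
    cat <<EOF
<IfModule mpm_prefork_module>
    ServerLimit        $1
    MaxRequestWorkers  $1
</IfModule>
EOF
}

# 2048 MiB host with 768 MiB reserved: prints a fragment capped at 13 workers.
per=$(printf '%s\n' "$SAMPLE_PS" | peak_worker_mb)
render_mpm_conf "$(max_workers 2048 768 "$per")"
```

On a live host, replace SAMPLE_PS with real `ps` output taken under load. Requests beyond the cap wait in the listen queue instead of spawning further processes.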
