mod_limitipconn.c
Author: David Jao <djao@dominia.org>
MicroApache version by M Shaw April 2006
Apache 2.0 C module to limit the maximum number of simultaneous
connections per IP address. Allows inclusion and exclusion of files
based on MIME type.
Example configuration:
---------------------------------------------------------------------------
MicroApache version is renamed from *.SO to *.dll and UPX compressed to 4kb
---------------------------------------------------------------------------
ExtendedStatus On
# Only needed if the module is compiled as a DSO
LoadModule limitipconn_module lib/apache/mod_limitipconn.so
<IfModule mod_limitipconn.c>
    <Location /somewhere>
  MaxConnPerIP 3
  # exempting images from the connection limit is often a good
  # idea if your web page has lots of inline images, since these
  # pages often generate a flurry of concurrent image requests
  NoIPLimit image/*
    </Location>
    <Location /mp3>
  MaxConnPerIP 1
  # In this case, all MIME types other than audio/mpeg and video*
  # are exempt from the limit check
  OnlyIPLimit audio/mpeg video
    </Location>
</IfModule>
---------------------------------------------------------------------------
Notes:
  This module will not function unless mod_status is loaded and the
  "ExtendedStatus On" directive is set.
  The limits defined by mod_limitipconn.c apply to all IP addresses
  connecting to your Apache server. Currently there is no way to set
  different limits for different IP addresses.
  Connections in excess of the limit result in a stock 503 Service
  Temporarily Unavailable response. The job of returning a more useful
  error message to the client is left as an exercise for the reader.
  mod_limitipconn sets the LIMITIP environment variable to 1 whenever a
  download is denied on the basis of too high an IP count. You can use
  this variable to distinguish accesses that have been denied by this
  module. For example, a line like
      CustomLog /var/log/httpd/access_log common env=!LIMITIP
  in httpd.conf can be used to suppress logging of denied connections
  from /var/log/httpd/access_log. (Note that, if you want to do this,
  you'll probably also want to comment out the ap_log lines from
  mod_limitipconn.c to suppress error_log lines as well.)
Proxy client tracking
  By default, all clients behind a proxy are treated as coming from the
  proxy server's IP address. If you patch Apache with the included 
  apachesrc.diff patch and configure with --enable-forward and rebuild,
  the real IP addresses of clients behind proxies can be correctly
  detected in most situations. See the INSTALL file for specific
  instructions.
