mod_evasive behind a proxy

[josh]

Hello all,

I'm thnking about installinf mod_evasive on our webservers as it seems to do the right thing in terms of DOS attacks.

The problem:
I'm using perlbal to balance out requests to all our webservers and I can find docs on mod_evasive. I *think* what will happen is that my perlbal server will be blocked and everyone will see a 403 forbidden. Is this the case? or will perlbal work with mod_evasive?

Any pointeres one this would be helpful.

Thanks,
Josh.

 

[nobaloney]

Unfortunately not an answer (I don't know the answer) but a question:

How do you like perbal? It looks like a great solution. Have you discovered any drawbacks (besides the subject of this thread)?

Thanks.

Jeff

 

[josh]

The big problem wit perlbal is the lack of documantation.

It's certanly usable as a dumb load balancer and it does a helth check on the servers. It can be dynamically configured. In short it's good but we are thinking about moveing to nginx or something as it keeps crashing after a while (not ideal but it is managable).

HTH