tor-commits

tor-commits@lists.torproject.org

October 2014

26 participants
1551 discussions

[flashproxy/master] Add "DOSLogDir /dev/null" to the example Apache configuration.
by dcf＠torproject.org 01 Oct '14

01 Oct '14

commit 19a1c25901e60e00e9f29b95c47d3693255e6ddf Author: David Fifield <david(a)bamsoftware.com> Date: Tue Sep 30 22:15:27 2014 -0700 Add "DOSLogDir /dev/null" to the example Apache configuration. By default, mod_evasive creates a file in /tmp for every blocked client, with a name like dos-<IP address>. I didn't know this was going on, and found 1,659 such files on the facilitator dating back to May 2013. The contents of each file is just a PID, I think. This configuration option prevents the creation of such files. Blocked IP addresses still turn up, however, in the error.log that is not disabled, in lines that look like [DATE] [error] [client X.X.X.X] client denied by server configuration: /usr/local/bin/facilitator.cgi --- facilitator/examples/fp-facilitator.conf.in | 3 +++ 1 file changed, 3 insertions(+) diff --git a/facilitator/examples/fp-facilitator.conf.in b/facilitator/examples/fp-facilitator.conf.in index f0e3968..bc86251 100644 --- a/facilitator/examples/fp-facilitator.conf.in +++ b/facilitator/examples/fp-facilitator.conf.in @@ -27,4 +27,7 @@ MaxClients 256 # requires mod_headers Header add Strict-Transport-Security "max-age=15768000" + + # Disable creation of dos-* log files in /tmp. + DOSLogDir /dev/null </VirtualHost>

1 0

Jump to page: