[tor-commits] [flashproxy/master] Add "DOSLogDir /dev/null" to the example Apache configuration.

dcf at torproject.org dcf at torproject.org
Wed Oct 1 05:19:57 UTC 2014

commit 19a1c25901e60e00e9f29b95c47d3693255e6ddf
Author: David Fifield <david at bamsoftware.com>
Date:   Tue Sep 30 22:15:27 2014 -0700

    Add "DOSLogDir /dev/null" to the example Apache configuration.
    By default, mod_evasive creates a file in /tmp for every blocked client,
    with a name like dos-<IP address>. I didn't know this was going on, and
    found 1,659 such files on the facilitator dating back to May 2013. The
    contents of each file is just a PID, I think.
    This configuration option prevents the creation of such files. Blocked
    IP addresses still turn up, however, in the error.log that is not
    disabled, in lines that look like
    	[DATE] [error] [client X.X.X.X] client denied by server configuration: /usr/local/bin/facilitator.cgi
 facilitator/examples/fp-facilitator.conf.in |    3 +++
 1 file changed, 3 insertions(+)

diff --git a/facilitator/examples/fp-facilitator.conf.in b/facilitator/examples/fp-facilitator.conf.in
index f0e3968..bc86251 100644
--- a/facilitator/examples/fp-facilitator.conf.in
+++ b/facilitator/examples/fp-facilitator.conf.in
@@ -27,4 +27,7 @@ MaxClients 256
 	# requires mod_headers
 	Header add Strict-Transport-Security "max-age=15768000"
+	# Disable creation of dos-* log files in /tmp.
+	DOSLogDir /dev/null

More information about the tor-commits mailing list