Apache限制虚拟主机网速「mod_bw」

配置VirtualHost

一,概念

下面是两个概念(注意区分大小写):

bps ( bits per second ) 位/秒 一般用作传输速率

Bps ( bytes per second ) 字节/秒 一般用作显示速度

1Byte = 8*1bit (1字节=8字位)

而我们通常所讲的2M带宽、10M带宽,一般是指10Mbit (10Mbps)

官方文档上BandWidth的单位:BandWidth [From] [bytes/s]

所以如果要限制某个虚拟主机的总带宽为1M,则:

BandWidth    all 131072 

// (1024*1024) bps/8 = 131072 Bps


二,配置指令

设置指令:

 3.1 - BandWidthModule [On|Off]

  You need to set this to On for the mod to work.. By default, the mod is

  disabled, and wont limit anything.

  Example :

       BandWidthModule On

 3.2 - ForceBandWidthModule [On|Off]

 

  By default, the mod wont catch every request.

  If you enable it, every request will be processed by the mod.

  

  Example :

       (normal use)

       AddOutputFilterByType MOD_BW text/html text/plain

       (enabling Force)

       ForceBandWidthModule On

 

 3.3 - BandWidth [From] [bytes/s]

  This takes 2 parameters. From is the origin of the connections. It could

  be a full host, part of a domain, an ip address, a network mask (i.e

  192.168.0.0/24 or 192.168.0.0/255.255.255.0) or all.

  The second parameter indicates the total speed available to the Origin.

  If speed is 0, there is no limit.

  Example :

      BandWidth localhost 10240

      BandWidth 192.168.218.5 0

      ( Order is relevant. First entries have precedence )


  As for version 0.8, an user agent matching capability was introduced.

  If you want to limit all clients using certain browser, you can limit

  doing this :

      BandWidth u:[User-Agent] [bytes/s]

  User agent is a regular expression which will match the one sent by the

  browser. This is easier to explain with examples :

  Example :

      BandWidth "u:^Mozilla/5(.*)" 10240

      BandWidth "u:wget" 102400

   First one, will match a browser that identifies itself as Mozilla/5(etc)

   Second one, will match a browser that has wget in any part of its id.


 3.4 - MinBandWidth [From] [bytes/s]

  This takes 2 parameters. From is the origin of the connections. It could

  be a full host, part of a domain, an ip address, a network mask (i.e

  192.168.0.0/24 or 192.168.0.0/255.255.255.0) or all.

  The second parameter indicates the minimun speed each client will have.

  What does this mean ? If you have a total of 100kbytes speed, and you put

  MinBandWidth at 50kbytes, it doesnt matter how many clients you have, all

  of them will have a minimun of 50kbytes of total speed to download.

  If speed is 0, you will be using the default minimun (256 bytes/s).

  There is a special value of -1. This value means that each client will

  have a top speed determined by the BandWidth directive. See the examples.

  Examples :

       BandWidth  all 102400

       MinBandWidth all 50000

 

       The example above will set a top speed of 100kb for the 1�

      client. If more clients come, it will be splitted accordingly but

      everyone will have at least 50kb (even if you have 50 clients)

       BandWidth  all 50000

       MinBandWidth all -1

       This example, makes everyone have 50kb as top speed.

 3.5 - LargeFileLimit [Type] [Minimum Size] [bytes/s]

  Type, is the last part of a file, or * for all. You can use .tgz to match 

  only tar-compressed files, .avi to match video files, or * to match all.

  Minimum Size, is the size (in kbytes) of the file, to be matched. That way

  you can match huge video files that hog your bandwidth.

  The last parameter... is obvious. The speed allowed.

  Example :

       LargeFileLimit .avi 500 10240

       This limits .avi files over (or equal to) 500kb to 10kbytes/s

 3.6 - BandWidthPacket [Size]

  Probably you never need to touch this. It defaults to 8192 which is good

  for almost any speed.

  It must be a size between 1024 and 131072. A Small packet will cause the

  top speed to be lower, and the mod using more time splitting. If you use

  a Size too big, the mod will adjust it to lower speeds.

   If you are using the mod in high speed networks, this is, you want to

  set limits of megabits/s, you will be better using packet sizes of

  16384, or 32768. 

 3.7 - BandWidthError [Error]

  This directive is useful to deliver a personalized error code.

  By default, when maxconnections is reached, the mod will issue a 503 

  HTTP_SERVICE_UNAVAILABLE code. For some users, it is annoying to have an

  error message, and don't knowing why. You could use an ErrorDocument to 

  point error 503 to a page explaining that you are under a heavy load of

  connections, but sometimes 503 is issued by the server for other reasons.

  So, with this directive, you can set the error code to return when

  maxconnections is reached. You can use any error code between 300 and 599.

  Please note, that some of the error codes are already used, so before using

  any number, take a look to a list of the codes (search for http error codes

  in google). 

  When testing, i've used the error code 510, which hasn't been defined yet.

  And Example, with Personalized Error Page :

   ErrorDocument 510 /errors/maxconexceeded.html

   BandWidthError 510

  Note : Sometimes, the personalized page didn't appear. I'm not sure, but

     in many cases, it got fixed, by making the page size over 1024bytes.

      Anyways, if you need help using ErrorDocument, refer to the apache

     Documentation.

 

 3.8 - MaxConnection [From] [Max]

  This takes 2 parameters. From is the origin of the connections. It could

  be a full host, part of a domain, an ip address, a network mask (i.e

  192.168.0.0/24 or 192.168.0.0/255.255.255.0) or all.

  The second parameter, is the max connections allowed from the origin. Any

  connection over Max, will get a 503 Service Temporarily Unavailable

  There is a catch. You NEED to have a BandWidth limit for the same origin.

  It doesnt need to be a low limit. But you need one. (unlimited, doesn't

  count)

  You might wonder why. It's because im using them same memory space of the

  bandwidth limit to count the connections, so i can save memory space.

  If you dont put a BandWidth using the same origin, MaxConnections will be

  ignored.

  Example :

       BandWidth all 102400000

       MaxConnection all 20

  or

       BandWidth all 102400000

       BandWidth 192.168.0.0/24 10240

       MaxConnection all 20

       MaxConnection 192.168.0.0/24 5


  As for version 0.8, an user agent matching capability was introduced.

  If you want to limit all clients using certain browser, you can limit

  doing this :

      MaxConnection u:[User-Agent] [Max]

  User agent is a regular expression which will match the one sent by the

  browser. This is easier to explain with examples :

  Example :

      MaxConnection "u:^Mozilla/5(.*)" 5

      MaxConnection "u:wget" 5

   First one, will match a browser that identifies itself as Mozilla/5(etc)

   Second one, will match a browser that has wget in any part of its id.

 Please, rememeber that every speed, will depend mostly on your connection.

 You can't get more speed if you dont have it.

 Remember also.. if you dont follow the instructions, and get some weird 

 results, recheck your config before sending me an email.

 3.9 - Status Callback

  

  Since v0.9, the mod can display a simple status page, showing stats from

 the running mod. This stats show the exact information being used by the mod

 to do the limiting in that second.

  For this to work, you need to set a handler on any vhost. You might want 

 to set this under an admin vhost, or set some policies to make it private.

 Your call.

  Example (let's assume the vhost is for 127.0.0.1) :

  

 <location /modbw>

  SetHandler modbw-handler

 </location>


  Now, you can get the status info at http://127.0.0.1/modbw

  ( Or download a CSV of the stats at http://127.0.0.1/modbw?csv )

  The information provided is the following :

  id : 0        // This is just a correlative number for each config.

  name : work.ivn.cl,all // The vhost name, and the scope of the rule

  lock : 0        // If the memory segment is being used (0 = no)

  count: 0        // Number of users connected to this rule

  bw : 0        // Bandwidth currently being used by the rule

  bytes: 0        // Number of bytes last sent. Only true if count>0

  hits : 0        // Number of times anyone has accesed this rule.

  Simple, yet useful !

------------------------------------------------------------------------------

4.- Examples

 4.1 - Misc examples

  Limit every user to a max of 10Kb/s on a vhost :

  <Virtualhost *>

   BandwidthModule On

   ForceBandWidthModule On

   Bandwidth all 10240

   MinBandwidth all -1

   Servername www.example.com

  </Virtualhost>


  Limit al internal users (lan) to 1000 kb/s with a minimum of 50kb/s , and 

 files greater than 500kb to 50kb/s.

  <Virtualhost *>

   BandwidthModule On

   ForceBandWidthModule On

   Bandwidth all 1024000

   MinBandwidth all 50000

   LargeFileLimit * 500 50000

   Servername www.example.com

  </Virtualhost>


  Limit avi and mpg extensions to 20kb/s.

  <Virtualhost *>

   BandwidthModule On

   ForceBandWidthModule On

   LargeFileLimit .avi 1 20000

   LargeFileLimit .mpg 1 20000

   Servername www.example.com

  </Virtualhost>


  Using it the "right" way, with output filter by mime type (for text) 

 to 5kb/s:

   

  <Virtualhost *>

   BandwidthModule On

   AddOutputFilterByType MOD_BW text/html text/plain

   Bandwidth all 5000

   Servername www.example.com 

  </Virtualhost>


  If you need help on doing more complex setup, post it in my webpage, or

 send me an email.

 


Apache 2.4以上版本,新增了mod_ratelimit,针对请求限流,不能针对IP。 

http://httpd.apache.org/docs/current/mod/mod_ratelimit.html

 

修改时间 2018-07-12

真诚赞赏,手留余香
赞赏
随机推荐
php合成与剪裁图片
CentOS 8 firewalld 防火墙操作
“关于”中故事删减之前
PHP 一次查询生成二维 Json
CentOS 8 源码编译安装 PHP 和设置 php-fpm
Vuex中的信息,刷新页面后,数据没有了的解决方案
重写了自己的 Node.js 爬虫
PS笔记
apache和php5.4无法开启curl
在IIS7中使用ARR(Application Request Routing)反向代理