1.4.18 + mod_evasive + ipv6
it seems there is a problem with mod_evasive when using together with IPv6. I am using a limit of 15 connections per IP. Once i enable IPv6 via "server.use-ipv6" (this is on linux) i get insane many 403 errors and alot of "connection turned away" errors in my log. Note: This happens only after enabling IPv6.
I am running a very high traffic website with over 500req/s on average.
Reproducing this is probably not easy since you would need alot of clients with different IP addresses.
I have tested this with 1.5.0 R1922 and it works fine there. I have been searching the ticket db but havent been able to locate anything or any note if there was indeed something fixed.
Updated by Anonymous almost 10 years ago
In contrary to my previous post: this is not fixed in 1.5.x. It happens there, too. It just takes more time to be visible but then its the same.
After all mod_evasive is unusable together with IPv6. This module should be considered broken.
Updated by Anonymous over 9 years ago
I was fearing that perhaps I made a mistake and didn't actually apply the patch or that the binary wouldn't have been updated, but that does not seem to be case - the error message is:
2008-06-02 19:51:09: (mod_evasive.c.175) ::ffff:188.8.131.52 turned away. Too many connections.
And line 175 in mod_evasive.c is exactly the log_error_write line after applying the patch.
Also available in: Atom