Limiting abusers from running 20 download threads from the same Apache server is easy now with mod_limitipconn. But the apache 2 module, mod_limitipconn, is not available under the latest Debian distribution, Lenny. In this mini how-to I will show you how-to manage this module to work for Debian Lenny users. The compile process of mod_limitipconn is a little bit more than “make install”.
First install apache prefork development utilities (we need apxs2 to compile our module)

[rb@randombugs]# apt-get install apache2-prefork-dev

After that, download source code of iplimit module from http://dominia.org/djao/limitipconn2.html and unpack it

[rb@randombugs]# tar xjvf mod_limitipconn-0.23.tar.bz2
mod_limitipconn-0.23/
mod_limitipconn-0.23/Makefile
mod_limitipconn-0.23/mod_limitipconn.c
mod_limitipconn-0.23/README
mod_limitipconn-0.23/ChangeLog
mod_limitipconn-0.23/INSTALL
mod_limitipconn-0.23/LICENSE
[rb@randombugs]# cd mod_limitipconn-0.23

Now open Makefile with an editor and change APXS=apxs to APXS=apxs2. Save the file and run make.

[rb@randombugs]# make
apxs2 -c mod_limitipconn.c
/usr/share/apr-1.0/build/libtool –silent –mode=compile –tag=disable-static i486-linux-gnu-gcc -prefer-pic -DLINUX=2 -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -D_REENTRANT -I/usr/include/apr-1.0 -I/usr/include/mysql -I/usr/include/openssl -I/usr/include/postgresql -I/usr/include/xmltok -pthread -I/usr/include/apache2 -I/usr/include/apr-1.0 -I/usr/include/apr-1.0 -I/usr/include/postgresql -I/usr/include/mysql -c -o mod_limitipconn.lo mod_limitipconn.c && touch mod_limitipconn.slo
/usr/share/apr-1.0/build/libtool –silent –mode=link –tag=disable-static i486-linux-gnu-gcc -o mod_limitipconn.la -rpath /usr/lib/apache2/modules -module -avoid-version mod_limitipconn.lo

If you don’t have make or any other compiler tool just run

[rb@randombugs]# apt-get install build-essentials

Normally the module should compile without any problem. If all succeed copy the module in apache2 modules folder.

[rb@randombugs]# cp .libs/mod_limitipconn.so /usr/lib/apache2/modules/

Now create limitipconn.load and limitipconn.conf in /etc/apache2/mods-available/ with the following content

limitipconn.load

ExtendedStatus On
LoadModule limitipconn_module /usr/lib/apache2/modules/mod_limitipconn.so

limitipconn.conf

# Example config for limitipconn
<IfModule mod_limitipconn.c>
<Location />
MaxConnPerIP 10
NoIPLimit image/*
</Location>
</IfModule>


mod_limitipconn is based on mod_status and for that you will need to enable both modules

[rb@randombugs]# a2enmod limitipconn
Enabling module limitipconn.
Run ‘/etc/init.d/apache2 restart’ to activate new configuration!
[rb@randombugs]# a2enmod status
Enabling module status.
Run ‘/etc/init.d/apache2 restart’ to activate new configuration!

After restarting apache ,your configuration will limit an IP at 10 connections simultaneously. Now depends on you on how many connections do you want to allow. Based on the Readme found on the limitipconn packages I will show you some quick examples

Example 1
You can limit globally your server at 10 connections per IP, let the /images/ folder without limit and limit your movies folder at 1 connection per IP.

<Location />
# global per-directory settings here
MaxConnPerIP 10
<Location /images>
# local per-directory settings here
NoIPLimit images/*
</Location>

<Location /movies>
# local per-directory settings here
MaxConnPerIP 2
</Location>
</Location>


Example 2
You can limit globally your server at 10 connections per IP, and all movies from /home/*/public_html to just 1 connection per IP

<Location />
# global per-directory settings here
MaxConnPerIP 5
<Directory /home/*/public_html>
# local per-directory settings here
MaxConnPerIP 1
OnlyIPLimit audio/mpeg video
</Directory>
</Location>


As you can see the mod_limitipconn know to do limitations based on mime type. For more informations just follow the README from limitipconn

Good Luck!