Back in the early days of DDOS attacks this would have been a highly dangerous tool. Thankfully it is very easy to block a basic attack like this, so i don’t see the risk of explaining how to use this method. Apache has a tool built into it that will allow you to send a predefined number of requests to a website in order to see if it can handle the load. Here is what you need to do to benchmark a website using Apache.
Apache has a fantastic benchmark tool that you can use to check the performance of your website. If you are expecting a flood of traffic for some particular reason, it would be good to know if your server is capable of handling such a flood. This tool will give you a good idea on whether the server is going to be able to handle the load of traffic.
The format of the command is very simple. You can run it on any server that is using apache. Since most web servers that run apache, will be using some flavor of Linux, i will give you the linux command line method of performing this. The application is called ApacheBench. It may already be installed, but if it isn’t it should be easy to install it.
apt-get install apache2-utils
Once you have it installed you can run a quick test to see how your server handles it. The format of the request is very simple. The first number is the total number of requests you want to send and the second is the amount of requests you want to send at the same time (concurrently). The concurrent value is the most important as this is the one that is most likely to crash the server if it receives too many requests at once. You can play around with the values as you please.
The following command will send a total of 1000 requests to a single URL by grouping them in sets of 100 requests at a time. Make sure to include the “/” at the end of the website path.
ab -n 1000 -c 100 http://website.com/
If i run the above command against this website I get the following results.
Server Software: Apache
Server Hostname: yomotherboard.com
Server Port: 443
SSL/TLS Protocol: TLSv1.2,ECDHE-RSA-AES256-GCM-SHA384,2048,256
Document Path: /
Document Length: 148622 bytes
Concurrency Level: 100
Time taken for tests: 25.496 seconds
Complete requests: 1000
Failed requests: 0
Write errors: 0
Total transferred: 148908061 bytes
HTML transferred: 148622000 bytes
Requests per second: 39.22 [#/sec] (mean)
Time per request: 2549.582 [ms] (mean)
Time per request: 25.496 [ms] (mean, across all concurrent requests)
Transfer rate: 5703.60 [Kbytes/sec] received
Connection Times (ms)
min mean[+/-sd] median max
Connect: 40 1256 702.3 1207 2685
Processing: 33 1134 738.5 1212 2494
Waiting: 25 261 307.3 158 1896
Total: 122 2390 769.8 2273 4754
Percentage of the requests served within a certain time (ms)
100% 4754 (longest request)