path: root/doc/CHANGES.txt

Version 11.74 

- Fixed: Potential counter overflow for early event detection
  (increment before block) or log only mode.

Version 11.73

  This release introduces support of the PCRE2 (10.x) library in place of
  the now end-of-life PCRE version 1 (8.x) API.

 - Removes PCRE API dependency from mod_qos.c. The module no longer has an
   explicit dependency to the PCRE library but uses ap_pregcomp(),
   ap_regexec(), and ap_regexec_len() from ap_regex.h.
   Wrapping the PCRE (v1) and PCRE2 interface by the Apache httpd allows you
   to use either the old or the new API version (depends on locating
   pcre2-config). PCRE2 compatibility requires Apache httpd 2.4.53 or newer.

 - Support utilities migrated to PCRE2 API (version 10.x).
   Tested with PCRE2 version 10.41.

 - Removed compatibility to Apache 2.0 and 2.2.

Version 11.72

 - Improve the support of Apache "event" MPM by calculating
   a higher QS_MaxClients default value based on the
   AsyncRequestWorkerFactor setting.

Version 11.71

 - Removed directive QS_Chroot.

 - Minor code changes (improvements #39/#40 reported by
   Rainer Jung - many thanks).

 - QS_LogOnly also disables QS_EventKBytesPerSecLimit and
   QS_LocKBytesPerSecLimit (deactivates delay output filter).

 - Uses apr_temp_dir_get() to determine temp. directory for
   semaphores/shared memory (default used to be /var/tmp).
   Use QS_SemMemFile to override it.

Version 11.70

 - QS_ClientGeoCountryPriv skips clients whose IP address can't
   be mapped to a country code if the argument 'excludeUnknown'
   is specified.

Version 11.69

 - Internal: QS_SetEnvIf directives use an array to store all
   rules (to ensure they are applied in the order they appear
   in the configuration file).

 - Apache 2.4.49 compatibility fix introduced by mod_qos 11.68 is no
   longer applied for Apache version 2.4.50 and newer.
   'QS_ForcedClose off' could be used to enable gentle connection
   close handling manually.

Version 11.68

 - Compatibility with Apache 2.4.49 (avoid segfault when returning
   error code in pre-connection hook / issue similar to CVE-2017-3169).

Version 11.67

 - The QS_LogEnv directive can be used to enable environment variable
   logging. mod_qos writes all environment variables which are set when
   entering a handler to the log.

Version 11.66

 - QS_ClientIpFromHeader supports pseudo IP by creating a hash
   of a HTTP request header's value if the header name is prefixed
   by '#', e.g. #Authorization to use the HTTP basic auth header.
   It's also possible to use the client's SSL client certificate's
   subject and issuer DN if you specify #SSL_CLIENT_S_DN instead
   of a real HTTP header name.
   Note: Does not work for IP geolocation.

Version 11.65

 - Fixed: QS_SrvMinDataRate did not enforce (log only) min data rate
   in simple mode (only one arg).
   Improved min. data rate calculation and updated documentation.

 - Fixed: Several typos in documentation.

Version 11.64

 - Updated request header filter rules (allows signed HTTP exchanges content
   type in Accept header).

 - qsgeo: New pattern to detect "readable" format (no longer adding IP address
   range twice for some file formats).

 - QS_Status: adds the QS_AllConn variable to the maxClients object.

Version 11.63

 - Adds the option 'jsredirect' to the QS_UserTrackingCookieName directive:
   Client (browser) has to use Javascript within the cookie check page
   to fetch the cookie and to redirect the client back to the initially
   requested page (adding Javascript to the cookie challenge).
   SSI variables to be used in the HTML page / Javascript:
   - QS_UT_QUERY: query string to call (ajax) the cookie page again to
                  obtain the cookie.
   - QS_UT_NAME: name of the cookie
   - QS_UT_INITIAL_URI: initial page to redirect to
   Sample page: http://mod-qos.sourceforge.net/cookie-ir.shtml

Version 11.62

 - Machine-readable version of the status viewer does no longer
   show QS_SrvMaxConn* counters for virtual hosts using the base
   server's configuration and counter.

 - New directive QS_MaxClients.

Version 11.61

 - QS_SrvMaxConnPerIP can handle more than MaxClient IP addresses
   (if the server opens new connections faster than closing old)
   and enables memory block distribution by default.

Version 11.60

 - Fixed: Wrong connection counter (total server connections stored in the
   QS_AllConn variable) when using SrvMaxConn* directives globally only but
   other QS_* directives within virtual hosts. Bug influenced
   QS_SrvMinDataRate behavior as well (activating and increasing the min.
   data rate too fast).

Version 11.59

 - QS_EventRequestLimit writes the current counter value to the
   QS_EventRequestLimit_<env-variable>_Counter environment variable.

 - New directive QS_SetEnvIfCmp.

Version 11.58

 - Adds directive QS_UnsetReqHeader.

 - Removes version information in automake configure script (utilities).

Version 11.57

 - Adds qsrespeed and qsre (previous "regexspeed" and "regex" dev tool)
   to the support utilities.

Version 11.56

 - Non-functional: Changed QS_Status invocation timer implementation.

 - Adds qsdt (previous "duration" dev tool) to the support utilities.

Version 11.55

 - qslog: "-l" supports files with huge gaps (missing lines).

 - QS_SetEnvIf and QS_SetEnvIfQuery directives can be used within Location
   configuration.
 
Version 11.54

 - Introduces the QS_Block_Decrement variable.

Version 11.53

 - Adds CORS headers to the default QS_RequestHeaderFilter and
   QS_ResponseHeaderFilter rule set.

 - qslog: shows also the distribution of response durations faster than
   a second within the following intervals:
   * 0-49ms
   * 50-99ms
   * 100-499ms
   * 500-999ms
  
Version 11.52

 - Fixed: QS_LimitRequestBody did not work for chunked requests
   when used in Apache 2.4.

 - QS_Status uses the server's base configuration settings while logging
   allowing to configure a custom log format using ErrorLogFormat.
   
 - qssign's verification mode supports graceful restart (sigusr1) where
   two qssign processes are running (one with the old sequence
   counter and the new one starting at 1).
   
Version 11.51

 - Adds process-connection handler to close the connection in the case the
   abort by the pre-connect hook was ignored (workaround for bug in
   Apache 2.4.28 Event MPM ignoring the connection abort) (msg id 167).

 - Uses module name in log index.
 
Version 11.50

 - Changes pre-connection hook dependency (called later but still before
   mod_ssl).

Version 11.49

 - Adapted connection handling to deal with master/slave connections
   (introduced by Apache 2.4.18) avoiding inconsistent connection counters.

Version 11.48

 - Detects unexpected connection dispatching to old child process to avoid
   invalid connection counter state for QS_ClientPrefer rules (msg id 166).

Version 11.47

 - Updates built-in filter pattern of QS_HeaderFilter (Transfer-Encoding).

 - qslog standard mode supports peak/max value counter (M).

 - Fixed: potential segfault if connection ctx is null when using h2.

Version 11.46

 - Updates built-in filter pattern of QS_HeaderFilter.

Version 11.45

 - QS_ClientEventRequestLimit supports the QS_ClientIpFromHeader directive.

Version 11.44

 - New directive QS_CondEventLimitCount.

 - QS_EventLimitCount (and QS_CondEventLimitCount) counter may be decremented
   by environment variable suffixed by "_Decrement".

 - Slightly changed unique-id generator (shorter).

Version 11.43

 - Fixed: QS_IsVipRequest was not set if QS_ClientPrefer hasn't been
   used.

Version 11.42c

 - qslog supports QSCOUNTERPATH (-pc mode) environment variable which
   defines a file containing a list of QS_ClientEventLimitCount rules.
   The 'E' format character defines the event string in the log
   to match (literal string) the event1 and event2 event names against.

   Rule syntax: <name>:<event1>-<n>*<event2>/<duration>=<limit>

   Example mod_qos config:
    QS_ClientEventLimitCount 20 600 QS_LimitEv
    QS_SetEnvRes Event AU04 QS_LimitEv
    QS_SetEnvRes Event AU05 QS_LimitEv_Decrement=2
   Sample qslog rule:
    QS_LimitEv:AU04-2*AU05/600=20

   Special us case matching against the HTTP status code ('S' character)
   is used if the rule 'name' starts with STATUS.
   Example mod_qos configuration:
    QS_ClientEventLimitCount 10 300 QS_LimisS
    QS_SetEnvIfStatus 400 QS_LimitS=1
    QS_SetEnvIfStatus 405 QS_LimitS=1
    QS_SetEnvIfStatus 406 QS_LimitS=1
    QS_SetEnvIfStatus 408 QS_LimitS=1
    QS_SetEnvIfStatus 413 QS_LimitS=1
    QS_SetEnvIfStatus 414 QS_LimitS=1
    QS_SetEnvIfStatus 500 QS_LimitS=1
   Sample qslog rule:
    STATUS:400_405_406_408_413_414_500-1*X/300=10

Version 11.42

 - Message mod_qos(034) indicates (by "in:0") when the server not even
   received a request line on a TCP connection (potentially a speculative
   TCP pre-connection).

 - qslog -pc mode supports peak/max value counter (M).

 - qsrotate supports line-by-line data processing prefixing every line
   by a timestamp when using the option "-d", e.g. for batch/script 
   output logging.

 - qsrotate supports option "-m" to define the file permissions.
 
Version 11.41

 - Fixed: wrong default file size used by qsrotate.
 
 - qsrotate supports signal USR1 to perform a file rotation manually
   at any time.

Version 11.40

 - mod_qos and all utilities are now distributed under the Apache License.

Version 11.39

 - New directive QS_EventCount to enable an error message event counter
   (counters are shown in the machine-readable status view).

 - Adds clientContentTypes statistics to the status view.

Version 11.38

 - New directive QS_SrvMinDataRateIgnoreVIP and QS_SrvMaxConnPerIPIgnoreVIP.

 - QS_ClientEventLimitCount may be decremented or cleared by environment
   variable (suffixed by "_Decrement", e.g. QS_Limit_Decrement).

 - QS_MileStone sets cookie also within error filter supporting redirects
   even not reaching the handler.

Version 11.37

 - Fixed: wrong include in qspng.c

 - Console: dump shows time of last db access (seconds since epoch).

 - Adds clientContentTypes to QS_Status.

Version 11.36

 - Fixed: moves code from "process connection" hook to the "pre
   connection" hook for Apache 2.4 compatibility and higher efficiency.

 - Lower severity of message 036 to critical.

Version 11.35

 - Fixed: potential segfault by mod_ssl in ssl_io_filter_disable()
   when closing a connection after a failed SSL handshake (CVE-2017-3169).

Version 11.34

 - New variable QS_SetEnvIfResBodyIgnore which might be used to
   deactivate QS_SetEnvIfResBody.

 - mod_qos_ev: sets "v" if an IP is marked as VIP.

Version 11.33

 - QS_ClientLowPrio variable's value contains the status flag representing
   the tracked attributes.

 - Sets QS_IsVipRequest variable for marked IP addresses at connection
   processing handler and propagetes it to every request.

 - Fixed: message 045 (uri check ignores log-only mode).

Version 11.32

 - Header filter: accepts region specific language codes in 
   Accept-Language request header by default.

 - Compiles also against OpenSSL 1.1.0b.

Version 11.31

 - QS_SetReqHeader supports header removal (unset) by prefixing
   the header name with "!".

 - QS_SetEnvIfResBody supports variable removal (unset) by 
   prefixing the variably with "!".

 - New cookie data format (user tracking, vip, milestones).

Version 11.30

 - qslogger supports option "-x" (adding a prefix to every message).

 - Fixed: calculation of MaxClients for MPM prefork binary (bug reported
   by Fergus - thanks!).

Version 11.29

 - mod_qos_ev variable sets character "u" if server is accessed by a
   client without a user tracking cookie (but QS_UserTrackingCookieName
   has been configured).

 - Minor (non-functional) DSCP implementation code changes (incl. new log
   messages).

 - Adds mod_qos events "qA" and "qu" to qslog and the output of event
   counters (q*) has been made optional.

Version 11.28

 - New variable "QS_Set_DSCP" to set the IP differentiated services code
   points (DiffServ / RFC 2474).

 - QS_RedirectIf also supports 301.

Version 11.26

 - Changed: QS_SrvMaxConn* directive counter's inheritance from the base
   server to virtual hosts is no longer coupled to other QS_* directive
   rules. This means, that a virtual host uses the very same counters
   as the base server as long as neither QS_SrvMaxConn, QS_SrvMaxConnClose,
   nor QS_SrvMaxConnPerIP has been configured within the virtual host.

Version 11.25

 - QS_ClientEntries max. value is now limited to 10000000.

 - New "special code" 'BrokenConnection' for the QS_SetEnvIfStatus
   direcive.

Version 11.24

 - Fixed: Apache 2.4 had nested error page when using QS_ErrorPage
   (bug introduced by version 11.22).

Version 11.23

 - Directive QS_SetEnvIf supports single variable match.

 - qslog -p:
   * fallback to simple hour/minutes detection
   * Fixed: writes now statistic line at the "next" minute (m+1:00)

Version 11.22

 - Disables client behavior (content type) measurement if
   QS_ClientPrefer has been disabled.

 - Minor changes to the status viewer.

 - Fixed: segfault when using HTTP/2.

Version 11.21

 - Fixed: Implemented graceful restart detection for Apache 2.4
   to properly free shared memory and mutexes (prevents from
   leaking while doing graceful restarts).

 - Disables keep-alive enforcement for MPM event binaries.

Version 11.20

 - Adds filter (option -f) to qssign.

 - Revised QS_ClientPrefer implementation (improved attribute weighting)
   and the log messages 063/064 have been merged into message 066.

Version 11.19

 - Updates User-Agent header field pattern for the default
   QS_RequestHeaderFilterRule rule set and adds the
   Upgrade-Insecure-Requests header.

 - QS_ClientGeoCountryDB is able to read IP2LOCATION csv file without
   prior transformation (country code '-').

 - Fixed: QS_ClientIpFromHeader used to determine country code
   (QS_ClientGeoCountryDB) even the country could not be determined
   for the connection address (incomplete IP list).

Version 11.18

 - New directive QS_Status.

 - QS_SrvSampleRate must be greater then one second.

 - Avoids using RAND_bytes() and checks if the generator is seeded with 
   enough entropy (mod_qos(08x) messages).

 - Calculates MaxClients (instead of reading the directive).

Version 11.17

 - QS_SetEnvIfStatus supports QS_SrvMaxConnPerIP to increment the
   QS_Block event variable.

 - qssign features the option "-a" to define which algorithm to use.

 - Enables QS_SrvMinDataRate, QS_SrvDataRateOff, and
   QS_SrvMinDataRateOffEvent for Apache 2.4 as smoke test against
   Apache 2.4.12 and 2.4.16 was now successful (MPM worker and event).
   The QS_KeepAliveTimeout and QS_MaxKeepAliveRequests directives have 
   been disabled for the MPM event. Apache 2.4 is still not fully tested.

Version 11.16

 - Adds timeout option to the QS_SrvSerialize directive.

Version 11.15

 - Increased severity of message 035 and 036 from critical to alert.

 - Lowered severity of messages 100, 009, and 007 from emergency to
   critical.

 - QS_RedirectIf directive supports 307 response code.

 - Set *_Counter variable of QS_EventLimitCount within post read request
   handler.

 - QS_ClientSerialize honors the sequence of receiving requests (fifo) in
   order to support requests from different clients accessing the server
   via a proxy.

 - Fixed: potential deadlock (when reaching the 5min timeout) when using
   the QS_SrvSerialize directive.

Version 11.14

 - New directive QS_SrvSerialize.

Version 11.13

 - Adds option "-u" to the qslogger and qssign utilities.

 - QS_MileStone features a "think time" attribute which defines how long
   a client must wait between two milestones.

Version 11.12

 - Propagates the variables used by QS_ClientEventLimitCount to sub-requests
   making them available within SSI pages.

 - New QS_ClientEventLimitCount variable suffixed by "_Remaining" containing
   the remaining time in seconds a client is still blocked (to be used
   within error pages to show a client how long he has to wait until he
   might proceed).

 - New variable QS_MaxKeepAliveRequests.

Version 11.11

 - QS_Limit (resp. the event variable processed by the
   QS_ClientEventLimitCount/QS_CondClientEventLimitCount directives)
   event may specify a weighting of events defining by how many penalty
   points the counter shall be increased. Default is 1.

Version 11.10

 - Adds qslog command to the module (dedicated statisic log facility on
   a per Apache server instance basis).

Version 11.9

 - QS_Block event may specify a weighting of events defining by how many
   penalty points the counter shall be increased.

 - Fixed: enables per client data store when using the QS_VipIPHeaderName
   together with the QS_SrvMaxConn[PerIP] directive.

Version 11.8

 - New console command 'inclimit' increments the
   QS_ClientEventLimitCount rule counter.

 - Adds the option "<domain>" to the QS_UserTrackingCookieName
   directive.

Version 11.7

 - Man page for the module itself.

 - Adds option "session" to QS_UserTrackingCookieName.

Version 11.6

 - Adds "Public-Key-Pins" and "Public-Key-Pins-Report-Only" to the
   pre-defined list of allowed HTTP response header fields.

 - Adds "Origin" to the pre-defined list of allowed HTTP response header
   fields.

 - Fixed: qsrotate reads the size of an existing logfile at startup
   (required by the "-b" option).

Version 11.5

 - qslog: improved performance.

 - Minor code refactoring.

 - Some log messages (010, 012, 013, 030, 031, 034, 040, 041, 042, 043,
   044, 046, 047, 048, 060, 063, 064, 065, 067, 101) indicate if 
   QS_LogOnly mode is active.

 - Apply QS_LogOnly to header filter (action drop).

 - qsgeo option "-l":
   * adds the IP address if missing
   * fixed: unintentional dropping of valid lines
   * may be used to normalize "ip2location lite" DB1 files
   * option "-v" to print all error messages

Version 11.4

 - Adds request ID to console log messages (07*).

 - qslog supports writing to stdout (if "-o <out_file>" is omitted).

 - qslog: improved performance.

Version 11.3

 - New directive QS_ClientEventBlockExcludeIP.

 - Minor changes to the status viewer.

 - Modified error messages 060 and 067 (adding the "age" parameter which
   indicates the seconds since the event occurred the first time).

 - Fixed: Message 065 contained wrong directive name.

Version 11.2

 - Adds variable QS_ResponseDelayTime showing the delay time (us)
   calculated for response throttling.

 - New variable QS_Timeout.

Version 11.1

 - Fixed: Shows "T" log marker only for requests which has really been
   delayed by mod_qos.

 - Further improved bytes/sec limitation implementation.

Version 11.0

 - Highly improves bytes/sec limitation (response throttling) based on
   the input I got from Jeff Trawick - many thanks!
   * Calculates delay within filter (immediately(!) when reaching the
     defined amount of bytes).
   * Uses nanoseconds delay (instead of milliseconds).
   * Splits large bucket brigades to 8k blocks (support for local files,
     not using mod_proxy).
   * Inserts filter late (after mod_deflate).

 - User tracking: set Cache-Control header when accessing the cookie
   check page.

 - QS_UserTrackingCookieName: improved cookie header processing.

 - Fixed: 'qslog -pc' does no longer require 'S' nor a date.

Version 10.30

 - QS_SetReqHeader features the option 'late'.

 - New console output (without ':' suffix for the IP address).

 - Console 'search', 'limit', and 'unlimit' command support now the 
   'event' parameter specifying which QS_ClientEventLimitCount event
   variable to show/set/clear.

Version 10.29

 - Supports IPv6 clients.

Version 10.28

 - Fixed: QS_ClientEventLimit did overwrite counters of other clients if
   multiple events have been configured.

Version 10.27

 - qslog features the option "-pu" and "-puc" used to gather request
   information on a per URL basis.

 - Fixed: Wrong includes within the support utilities.

 - Extends QS_ClientSerialize max. timeout from 1 to 5 minutes.

Version 10.26

 - QS_ClientSerialize supports the QS_ClientIpFromHeader directive.

 - Refactor method used to determine redirect port (user tracking)
   supporting servers not using virtual hosts.

 - Fixed: QS_UserTrackingCookieName uses correct server_rec to retrieve
   configuration.

 - Hook implementing user tracking is now called after mod_unique_id.

 - Slightly changed unique-id generator.

 - Adds fflush() to qsgrep utility when writing data to stdout.
 
Version 10.25

 - QS_EventLimitCount writes the current value to the process environment
   variables.

 - Fixed: QS_[Cond]ClientEventLimitCount logs request id and propagtes
   message code (067) to the QS_ErrorNotes variable.

 - New variable QS_IPConn representing the number of connections opened
   from the very same source IP (works in conjunction with
   QS_SrvMaxConnPerIP only).

Version 10.24

 - New directive QS_CondClientEventLimitCount.

 - QS_SrvMinDataRate: limits the max. data rate to the configured value
   (prevents invalid rate due to misconfiguration server or died child
   process).

Version 10.23

 - Fixed: QS_ClientEventLimitCount log message 067 contains now the IP
   address of the request header if QS_ClientIpFromHeader is used.

 - QS_SetEnvRes: supports multiple variables with the same name.

Version 10.22

 - Process QS_SetEnvResHeader(Match) and QS_SetEnvRes at error filter too.

Version 10.21

 - Fixed: qslogger may had detected the wrong message severity.

 - Adds debug message when detecting "NullConnection" events.

 - Built-in request header rules: adapt If-Match, If-None-Match, Cookie,
   and Cookie2 HTTP header patterns.

Version 10.20

 - Fixed: QS_CondLocRequestLimitMatch did work only if other QS_Loc*
   directive had been configured.

Version 10.19

 - New directive QS_RedirectIf.

Version 10.18

 - QS_ClientEventLimitCount may be cleared by environment variable
   (suffixed by "_Clear", e.g. QS_Limit_Clear).
 
Version 10.17

 - QS_ClientEventLimitCount supports unlimited number of events.

 - Stores the value of the QS_ClientEventLimitCount variables as
   environment variables suffixed by "_Counter", e.g. QS_Limit_Counter
   for the default QS_Limit variable, in order to be processed by other
   rules.

 - Add Content-Security-Policy to the default response header allow list.

 - qslog features enhanced "-pc" mode providing more information:
   * Collects content type information (%{content-type}o).
   * Duration between the first and the last request.
   * Average response in ms.
   * "ci" indicates if we have seen the client at the end or the
     beginning of the file (maybe not all requests in the log due to
     log rotation).
   * Bytes downloaded.
   * Writes status characters to stderr.
   * HTTP request methods (GET/POST)

- qsgeo features option "-l" and is able to process "qslog -pc" files.

Version 10.16

 - qslog adds 'E' (event identifiers) to the format string. QSEVENTPATH
   environment variable specifies a file containing all known event
   names (comma separated list).

 - qslog average counter (a/A) count only if a numeric value is available.

 - qssing does not try to execute invalid program name (space only).

Version 10.15

 - qsrotate supports DST and offset to UTC.

 - Add the "connections" argument to the QS_SrvMaxConnPerIP directive
   to disable the rule enforcement on idle web servers.

Version 10.14

 - Minor changes to status viewer (color for QS_EventLimitCount counter).

 - Q3594444: adapted man page subject.

 - QS_ErrorResponseCode verifies that the defined error code is valid
   resp. known by Apache.

 - Add option "-b" to the qsrotate utility.

Version 10.13

 - Add new directive QS_EventLimitCount.

Version 10.12

 - Fixed: Per-client status viewer did not show numbers correctly
   (depending on the platform it has been compiled for).

Version 10.11

 - Don't write QS_ClientEventBlockCount event messages (060) every time
   a client is blocked.

 - Adjust log message severity of permitted QS_SrvMinDataRate rule
   violations from 'info' to 'debug'.

Version 10.10

 - Add DNT HTTP request header to the default request header allow list.

 - qslog "-pc" supports counting established connections.

 - Fixed: Endless loop when using option "-c" with only one rule.

 - New utility qshead.

Version 10.9

 - Q3535677: Don't use prce_info() any longer.

 - qslog option "-x" allows the specification how many files to keep.
   Default are 14 days.

 - qslog counter 'a', 'A', and 's'.

 - Adapted log message mod_qos(069)

 - QS_ClientIpFromHeader@logger searches for the header in r->prev and
   r->main too.

Version 10.8

 - Fixed: QS_SetEnvIfResBody did not properly detect pattern.

 - qslogger features severity filter (forward only messages with a
   matching/higher severity) and adjustable default severity for those
   log lines which do not contain the severity pattern.

Version 10.7

 - Writes notice message at server startup if the Apache version is not
   supported (mod_qos has been implemented for Apache 2.2 worker
   binaries only resp. Apache 2.0 is no longer supported).

 - Use pcre_study() API call only if QOS_EXTRA_USE_PCRE_STUDY has been
   defined while compiling mod_qos.

 - Adds fflush() to qslogger/qsexec/qsgeo/qslogger utility when writing
   data to stdout.

Version 10.6

 - qslog measures average response time in milliseconds (avms).

 - Fixed: Viewer shows number of per client ip connections if no server
   limitations are set (query "option=ip").

 - Fixed: qslogger did not compile on non-Linux platforms.

Version 10.5

 - New utility: qslogger.

 - JSON includes array index number (note: you need to adapt existing
   JSON rules).

 - Experimental: mod_qos compiles with Apache 2.4
   * QS_SrvMinDataRate is not available (does not work, use mod_reqtimeout
     instead)
   * QS_Srv* directives shall not be used (connection cleanup takes
     very long)

Version 10.4

 - Improved qs* utility performance. 

Version 10.3

 - Fixed: ABR in QS_SetEnvIfResBody.

Version 10.2

 - Fixed: QS_Milestone uses now URL decoding before applying the
   expression (pcre).

 - Add the qsgeo utility to the distribution archive file.

 - Fixed: Suppress warning message about missing mod_unique_id if 
   mod_navajo.cpp is available.

 - New connection correlation id QS_ConnectionId (available as
   an event for logging purposes).

Version 10.1

 - QS_ClientIpFromHeader may be used to set QS_Country variable.

 - Viewer shows QS_AllConn variable.

Version 10.0

 - New directives QS_ClientGeoCountryDB and QS_ClientGeoCountryPriv.

 - New variables: QS_AllConn and QS_Country.

Version 9.79

 - Fixed: Wrong IP conversion (str2long) used by console and
   QS_ClientIpFromHeader.

Version 9.78

 - Fixed: QS_UserTrackingCookieName enforcement did not work if server
   creates internal redirect.

Version 9.77

 - Use pcre_study() and match_limit where applicable.

 - qslog features the option "-c" to collect separate statistics,
   e.g., for different URLs.

 - qslog features the option "-pc" used to gather request information
   per client.

 - New directive QS_SrvSampleRate (may be used to adjust the
   QS_REQ_RATE_TM sample rate at runtime/post compilation). Not
   documented.

 - Fixed: qslog line parsing bug (double backslash).

Version 9.76

 - New directive QS_ClientIpFromHeader (may be used in conjunction with
   QS_ClientEventLimitCount only).
 
 - qslog measures new connections per minute (%k == 0).

 - Fixed: Don't show connections in the overview if not measured.

 - Internal: QS_EventRequestLimit are added (instead of set) to the event
   table in order to prevent multiple increments by the very same request.

Version 9.75

 - New directive QS_SetEnvRes.

 - Viewer keeps value about the last measured kbytes/second result for
   a longer time.

 - Update documentation (description of QS_LocKBytesPerSecLimit* 
   directives).

Version 9.74

 - Fixed header file in qsfilter2 (possible compile problems).

 - Fixed pre connection handling for outgoing (mod_proxy) connections.

Version 9.73

 - Q3429879: Format usage text of the mod_qos utilities to man page
   format. Use "<utility> --man" to generate the man page.

 - Make "NullConnection" detection (known by QS_SetEnvIfStatus) more
   aggressive.

Version 9.72

 - Module tries to detect a suitable default error document for
   QS_ErrorPage automatically.

 - New status "NullConnection" known by QS_SetEnvIfStatus detecting
   TCP connections which are not used to send a HTTP request (closed
   without transmitting HTTP request line and header or denied by any
   other module).

 - QS_ClientEventBlockCount is processed at pre_connection hook (more
   aggressive, before mod_ssl).

 - Suppress warning message about missing mod_unique_id if mod_navajo is
   available.

Version 9.71

 - QS_RequestHeaderFilterRule and QS_ResponseHeaderFilterRule may be
   configured within a host (outside location).

 - QS_ResponseHeaderFilterRule features the action "silent" which drops 
   header silently without writing a log message.

 - Headers X-Content-Type-Options and X-XSS-Protection has been added to
   the default response header rules.

 - Fixed: Bug in JSON parser.

 - Fixed: Propagation of Apache environment variables to sub-requests
   (solves bug when using QS_ClientEventBlockCount and ErrorDocument).

Version 9.70

 - QS_EventPerSecLimit and QS_EventKBytesPerSecLimit counters are no
   longer updated if a request has already been denied by a
   QS_EventRequestLimit rule.

 - QS_LocRequestPerSecLimit* and QS_LocKBytesPerSecLimit* counter are
   no longer updated if a request has already been denied by a
   QS_LocRequestLimit* rule.

 - Adjust attributes/number of requests required to identify the client
   behavior.

 - Update request header allow list rule for Content-Type.

Version 9.69

 - Client behavior (content type a client is downloading) is calculated
   in a percent of the whole traffic type distribution. The directive
   QS_ClientTolerance supports only values between 5 and 80.

 - Add directive QS_ClientContentTypes to define the normally downloaded
   content types statically (instead of self learning).

 - Detection if module has been build for a different MPM implementation
   than the server is using at runtime.

 - JSON parser processes request query (if starting with an array '[' of
   object '{') if no body is available.

 - qssing supports additional log format detection.

 - qslog supports request time duration measurement in milli- and
   microseconds too (t and D instead of T).

 - qslog isolates numeric values (B, i, T, t, D, S) even they are
   surrounded or prefixed by other characters, e.g. time="<number>".

 - qslog treats single quoted string with (short) leading name and eaual
   sign (e.g., agent='Mozilla 1') as single element (offline mode only).

 - qslog extracts additional time formats (offline mode).

 - Added "X-Do-Not-Track" to the built-in request header allow list.

 - Minor changes within the status viewer (machine-readable view).

Version 9.68

 - Change in order to support HP-UX.

Version 9.67

 - Fixed: QS_ClientSerialize has required other client level control
   directive.

Version 9.66 

 - Client data store updates entry time stamp every access.

Version 9.65

 - Fixed: Could not compile the support utility qscheck.

 - qsexec features option "-c" (pattern clearing the event counter).

Version 9.64

 - New utility: qsexec

 - Dynamic client data store partition (depending on the size of the
   store as defined by QS_ClientEntries) for improved performance.

Version 9.62

 - Some code refactoring (performance improvements, no functional
   changes).

Version 9.61

 - New directive QS_LogOnly may be used to disable rule enforcement
   (permissive mode).

 - Minor changes within the status viewer.

 - "QS_SetEnvIfStatus QS_SrvMinDataRate QS_Block" limits the allowed
   number of QS_SrvMinDataRate rule violations.

Version 9.60

 - Fixed: QS_ClientEventBlockCount/QS_ClientEventLimitCount get not reset
   if client causes events continuously.

Version 9.58

 - Fixed: IP does not get marked as VIP if QS_ClientPrefer has not been
   defined.

 - New variable QS_ErrorNotes.

 - Add "Transfer-Encoding" (very strict) to the built-in request header
   allow list.

Version 9.57

 - Status viewer features query name "refresh" which causes the browser
   to reload the page every 10 seconds.

Version 9.56

 - Clear per client data store counters at graceful restart to prevent
   dead enties (counter grow) due unclear client shutdown.

 - qsfilter2 features url filter (-f).

 - QS_ClientSerialize does not block for more than 10 minutes.

Version 9.55

 - Minor changes in configure script (autotools) of the support utilities
   (png library name).

 - Add allowed response header X-Content-Security-Policy.

 - Fixed: qslog cuts last character if parameter is at end of line.

 - Fixed: qsfilter2 handling of 0 byte characters.

Version 9.54

 - QS_SetEnvIf may unset a variable.

 - New variable QS_IsVipRequest.

Version 9.53

 - Re-introduce qscheck to the support utilities tarball.

Version 9.52

 - Double per client data store speed (insert new entries) by partitioning
   of odd and even ip addresses.

 - Overview section in qos viewer (showing connections and load).

 - Remove packet-rate measurement.

Version 9.51

 - Set IP based VIP status to connection even before we receive the
   HTTP request.

 - New argument "connections" for the QS_SrvMinDataRate directive allows
   to disable the limitation if the server is idle/has only little
   traffic.

 - Adapt built-in request header filter rules.

Version 9.49

 - Adapt built-in request header filter rules.

 - New utility: qsgrep.

 - Change process order: process QS_SetEnvResHeader after
   QS_SetEnvResHeaderMatch.

 - New directive QS_UnsetResHeader.

 - New directive QS_ClientEventLimitCount (works similar as
   QS_ClientEventBlockCount but enforces rule at request level only).

Version 9.48

 - qslog supports mod_logio (%I and %O).

 - Re-introduce deprecated QS_SetEnvStatus directive (for backwards
   compatibility).

Version 9.47

 - QS_SetEnvIfStatus may be used within Locations.

 - Sequence: execute QS_SetEnvIfStatus earlier (before 
   QS_SetEnvResHeader).

 - Remove directive QS_SetEnvStatus (alias for QS_SetEnvIfStatus).

Version 9.46

 - QS_VipUser/QS_VipIpUser detects r->user earlier (@fixup).

 - QS_KeepAliveTimeout allows value "0" disabling keep-alive.

 - Process QS_KeepAliveTimeout variable at response too.

 - QS_SetEnvIfStatus may be specified multiple times for the same
   response code.

 - QS_SetEnvIfStatus accepts the definition of a variable value.

Version 9.45

 - Add directive QS_ClientSerialize.

 - qslog used new parameter names for event message counts.

Version 9.44

 - Add directive QS_DisableHandler.

Version 9.43

 - QS_ClientEventBlockCount rule violation marks client to have low 
   priority.

Version 9.42

 - Console "action=search&address=*" returns a list of all clients.

 - Fixed: Removes the apr_shm_destroy() calls to avoid double-free
   errors on Linux with old APR library versions.

Version 9.41

 - Fixed: Console action 'block' did not set event number.

Version 9.40

 - Fixed: Search IP in console

 - Fixed: User tracking set-cookie is set twice.

 - Process QS_SetEnvIfStatus on internal errors (protocol).

Version 9.38

 - Web console allows the modification of attributes of entries within
   the client data store.

 - Status viewer supports query "ip" (showing the IP addresses of the
   connected clients for all open TCP connections) in machine-readable
   version.

 - Status viewer used new delimiter within rule names on machine-readable
   version (query "auto").

Version 9.37

 - Changed QS_ClientPrefer behavior:
   - never block VIP IP
   - step 1 denies slow marked clients only

 - Set the QS_ClientLowPrio variable for clients with low priority.

 - qssign: add option "-e" which ensures we don't lost any lines.

 - Update built-in header validation pattern.

Version 9.36

 - QS_SrvMinDataRateOffEvent processing at fixup (request).

 - Use apr_time_t instead of time_t.

Version 9.34

 - qslog counts response status codes per minute.

 - Use apr_time_t instead of time_t.

Version 9.33

 - User tracking cookie enforcement may be disabled by setting the 
   DISABLE_UTC_ENFORCEMENT environment variable, e.g. for certain
   User-Agent headers.

Version 9.32

 - Status viewer returns "text/plain" for request query 'auto'.

Version 9.31

 - qsfilter2: encode double quotes and backslashes using their hex values
   (no escaping within Apache configuration necessary).

 - Featuring JSON parser which may be used in conjunction with
   QS_PermitUri.

Version 9.30

 - Fixed: qsfilter2 did not compile with OpenSSL 1.0.0.

Version 9.29

 - Add Strict-Transport-Security to the default response header rules.

 - Directive QS_UserTrackingCookieName features an optional "path"
   attribute. This path specifies a local error page which is shown
   to users not accepting the user tracking cookie (note: search engines
   do probably not support this cookie enforcement and won't be able to
   crawl the site).

 - Generates a simple request id (unique per pid/tid within a
   millisecond) if mod_unique_id has not been loaded.

 - Fix: syntax check for QS_ErrorPage.

Version 9.28

 - QS_ErrorPage supports external HTTP redirect (302).

 - qsfilter2 features a rule id prefix (-k <prefix>).

 - qsfilter2 may process audit log using the sample log format
   "%h %>s %{qos-loc}n %{qos-path}n%{qos-query}n" without pre-processing.

Version 9.27

 - Remove qscheck utility (don't compile it by default).

 - New variable %{qos-loc}n indicating the Location matching a request
   (may be used to filter the audit log for dedicated locations in order
   to generate QS_PermitUri rules).

 - qsfilter2 may process "standard" Apache access log (TransferLog)
   files too (automatically detecting the request line).

 - Several adaptions/fixes to the machine-readable version of the status
   viewer.

Version 9.26

 - Fix: no mutex destroy (called by register cleanup when destroying
   pools). Should fix the restart issues with MPM prefork binaries.

 - Renew user tracking cookie once every month.

Version 9.25

 - Compile utilities using GNU autotools (hope this works at least on
   some Linux platforms).

Version 9.24

 - QS_SrvMinConnPerIP: don't log every rule violation (consolidate log
   messages and log only every 20th event, see QS_LOG_REPEAT).

 - Fixed: Removes thread_join for MPM prefork binaries.

Version 9.23

 - New directives: QS_MileStone*.

 - Q3032708: see http://www.openssl.org/support/faq.html#LEGAL2.

 - Add Access-Control-Allow-Origin to the default response header rules.

Version 9.22

 - New variable: QS_SrvConn

 - qslog shows total number of requests within a minute.

Version 9.21

 - New directive QS_UserTrackingCookieName.

Version 9.20

 - Fixed: Racing condition when using QS_SrvMinDataRate and
   ThreadsPerChild > 64 may cause segfault.

Version 9.19

 - Fixed: Segfault at server start if no vhost has been defined.

 - QS_SrvMinDataRateOffEvent may be used at server and/or location level.

Version 9.18

 - QS_SrvMaxConnClose supports the definition of the number of 
   keep-alive connections as a percentage of MaxClients.

 - Updates built-in filter pattern of QS_HeaderFilter.

Version 9.17

 - Output filters are executed after mod_setenvifplus.

Version 9.16

 - New directive QS_SrvMinDataRateOffEvent.

 - Changes directive process order (QS_SetEnvIfStatus).

 - QS_SrvMinDataRate enforces keep-alive timeout (request line must be
   received within the keep-alive timeout).

Version 9.15

 - New directives QS_ResponseHeaderFilter and QS_ResponseHeaderFilterRule.

Version 9.14

 - New directive QS_Decoding.

Version 9.12

 - New directive QS_SemMemFile.

 - Uses a checksum to represent IPV6 addresses.

Version 9.10

 - Fixed: ap_remove_input_filter().

 - MaxClients overrides ServerLimit/Treads settings when calculating the
   maximum number of possible client connections.

 - Log/debug message about used semaphore files.

Version 9.9

 - New implementation of the code for QS_SrvMaxConnPerIP to avoid
   malfunction reported by mod_qos user.

 - Module dependency (execution order) to mod_setenvifplus.

Version 9.8

 - Internal code changes/maintenance (join thread).

Version 9.7

 - mod_qos may be compiled defining QS_NO_STATUS_HOOK which prevents
   mod_qos from registering to mod_status.

Version 9.6

 - Environment variable QS_DeflateReqBody to deflate request body data
   (update to mod_parp 0.8 in order to get a correct content-length
   header after data deflating).

Version 9.5

 - New directives QS_SetReqHeader and QS_SetEnv.

Version 9.4

 - Fixed: Variable %{qos-query} is not set when using the
   QS_DenyQueryBody directive (and neither QS_DenyBody nor
   QS_PermitUriBody has been set).

 - Increased line buffer for qsfilter2 (2MB). 

Version 9.3

 - New directive QS_SetEnvResBody.

Version 9.2

 - New syntax:
   QS_VipHeaderName <header name>[=<regex>] [drop]
   QS_VipIPHeaderName <header name>[=<regex>] [drop]

Version 9.1

 - QS_ClientEventRequestLimit limits the number of concurrent events on
   a per client IP address basis (again increasing the per client memory
   consumption).

Version 9.0

 - Client level control: request characteristics measuring adds content
   type ration and number of 304 responses (requires now 64bytes instead
   of 48bytes per client on a 32bit system).

 - Improved client level control (behavior detection, see above) is
   processed by the QS_ClientPrefer directive. Directive
   QS_ClientTolerance controls the allowed variation.

 - Directive QS_SrvPreferNet has been removed. It's recommended to use
   QS_ClientPrefer instead.

Version 8.18

 - Q2841328: remove nasty pointer address cast to int.

Version 8.16

 - Q2834297: use a single mutex for all per virtual host ACT tables (too
   many mutexes if a server uses many virtual hosts).

Version 8.15

 - New variable QS_Delay.

Version 8.14

 - New directive QS_SrvDataRateOff.

Version 8.13

 - New directives QS_DenyQueryBody and QS_PermitUriBody obsolete
   QS_DenyBody.

 - Fixed: QS_Deny*/QS_Permit* directives can handle strings containing
   0 bytes (qsfilter2 still can't).

Version 8.12

 - New directive QS_InvalidUrlEncoding.

Version 8.11

 - Fixed: Change Apache 2.0 ifdef statements in order to compile with
   any compiler.

Version 8.10

 - Fixed: Did not compile with Apache 2.0.

Version 8.9

 - QS_LimitRequestBody may be defined using mod_setenvif.
   See new directive order in mod_qos_seq.gif

 - mod_qos uses anonymous shm by default.

 - Use constant semaphore/shared memory file names in order to reuse
   resources after unclear server shutdown.

Version 8.5

 - New directive QS_EventKBytesPerSecLimit.

 - New structure of the source archive tarball, see index.html#build
   for more information about building the binaries.

Version 8.3

 - QS_RequestHeaderFilterRule has new syntax.

 - QS_RequestHeaderFilter checks the header length too. It's possible
   to use "QS_RequestHeaderFilter size" for header length checking only
   (instead of using LimitRequestFieldsize).

Version 8.2

 - Fixed: Client prefer, don't mark connection timeout at keep alive
   end (used in conjunction with QS_ClientPrefer).

 - Access log events (mod_qos_ev, mod_qos_cr, mod_qos_con) are stored as
   variables (storing them in the out headers will be removed in one of
   the next release).

Version 8.1

 - Fixed: Checks for enabled cc in input filter.

 - Don't allow requests without an URL.

Version 8.0

 - New server configuration merger: settings within virtual hosts are
   merged with the settings from the base server (directives outside
   virtual hosts). Virtual host settings do not overwrite base settings
   any more.

 - New directive QS_LimitRequestBody.

Version 7.20

 - Fixed: Url decoding detecting %HH encoding (full range).

Version 7.19

 - QS_DenyEvent may be used to block requests which do NOT have the
   specified event set.

 - QS_DenyEvent is applied after the QS_SetEnvIf* directives.
   See mod_qos_seq.gif for more details.

Version 7.18

 - QS_Deny/Permit logs on severity warning if action is log only.

Version 7.17

 - QS_SetEnvIfBody recognizes the occurrence of $1 within the variable
   value and replaces it by the subexpressions of the defined regex
   pattern.

Version 7.16

 - Set audit log variables at header parser hook.

Version 7.15

 - Directive QS_EventRequestLimit may match variable values too.

 - New directive QS_SetEnvIfBody.

 - Audit log is enabled based on the defined log format variables.

Version 7.14

 - New directive QS_DenyBody implements generic request body filter
   which can be used in conjunction with QS_DenyQuery, QS_PermitUri,
   and body data audit log (to be processed my qsfilter2).

Version 7.13

 - Changed directive processing order, see mod_qos_seq.gif.

 - New directive QS_SetEnvIfParp (requires mod_parp,
   see http://parp.sourceforge.net).

   Important:
   mod_parp and the QS_SetEnvIfParp directive copies the whole HTTP
   request message body into the servers memory (requires at least
   twice the memory size of the posted data). It is very important
   that you limit the messagy body size for requests processed my
   mod_parp/QS_SetEnvIfParp using the Apache directive LimitRequestBody.

 - New directive QS_DenyEvent.

 - Chuck out mod_qos_control.

Version 7.12

 - Process event filter only if some rules have been defined.

 - Recovery rate (decrease limitation) for bandwidth and and request
   limit has been increased from 16% to 25%.

Version 7.11

 - New directive QS_EventRequestLimit.

Version 7.9

 - Fixed: QS_SrvMinDataRate/QS_SrvRequestRate counts all server
   connections (not only per child process).

Version 7.8

 - Directive QS_SrvMinDataRate/QS_SrvRequestRate supports min/max
   limitation in order to increase the minimum upload/download bandwidth
   on multiple simultaneously connections.

 - Fixed: Activation of QS_SrvMinDataRate did not work
   (QS_SrvRequestRate only).

Version 7.7

 - New directive QS_SetEnvIfQuery.

Version 7.6

 - Use the HTTP response code defined by QS_ErrorResponseCode (default
   is 500) settings for all denied requests expect for those requests
   rejected to a QS_Deny*, QS_Permit*, or QS_RequestHeaderFilter rule.

Version 7.5

 - New directive QS_ErrorResponseCode

 - Multiple directives (QS_LocRequestLimit, QS_LocRequestLimitMatch,
   QS_CondLocRequestLimitMatch, QS_ClientEventBlockCount, and
   QS_ClientEventPerSecLimit) allow now a limitation set to "0".

 - QS_SrvMinDataRate replaces QS_SrvRequestRate.

Version 7.4

 - QS_SrvRequestRate supports chunked POST.

Version 7.3

 - Partial (not for chunked post) fixed error message for slow server
   response when using QS_SrvRequestRate.

Version 7.2

 - New directive QS_SetEnvResHeaderMatch

Version 7.1

 - QS_SrvMaxConnExcludeIP works for QS_SrvRequestRate (may be used to
   allow selected IP sources, e.g. slow spider).

Version 7.0

 - New directive QS_SrvRequestRate enforces minimum upload bandwidth
   (used for TCP DoS prevention). Requires thread support.

 - QS_ClientPrefer allows definition of free connections in percent
   in order to override the default of 80%. Available for Apache 2.2
   only.

 - QS_SrvConnTimeout is no longer available.
   You may use QS_SrvRequestRate instead.

Version 6.7

 - Detects low priority clients (clients sending slow or using small
   data packets get marked as low priority clients). 

 - New directives QS_VipUser and QS_VipIpUser.

 - Status viewer shows information about client (IP) control status.

Version 6.6

 - mod_status handler hook supports short status flag.

Version 6.5

 - New directive QS_SetEnvResHeader.

 - mod_qos_control supports QS_SetEnvIf, QS_SetEnvStatus, and
   QS_SetEnvIf directive editing.

Version 6.4

 - New directive QS_SetEnvStatus.

 - QS_SetEnvIf for response processing (log transaction).

 - QS_ClientEventBlockCount on response events (log transaction).

Version 6.3

 - New directive QS_VipIPHeaderName to mark clients (IP) without
   providing them full VIP privileges.

 - Add details to log messages.

Version 6.2

 - New command: QS_ClientEventPerSecLimit.

Version 6.1

 - QS_SetEnvIf supports "NOT" operator.

 - Sets QS_VipRequest variable when receiving valid session cookie.

Version 6.0

 - mod_qos features per client (IP) control rules.

 - QS_ClientPrefer, prefers known VIP clients.

 - QS_ClientEventBlockCount, blocks clients on events.

Version 5.17

 - New directive QS_EventPerSecLimit allows req/sec limitation for
   requests causing an event.

 - New directive QS_SetEnvIf allows combination of multiple environment
   variables.

 - Fixed: sem/shm leak when using QS_SrvPreferNet.

Version 5.16

 - Mark QS_CondLocRequestLimitMatch in status viewer.

Version 5.15

 - New directive QS_CondLocRequestLimitMatch allows conditional request
   level rules.

Version 5.14

 - Remove "nicetitles" from status viewer.

Version 5.13

 - Again, minor status viewer changes.

Version 5.12

 - Status viewer uses "nicetitles" to show long rule strings.

Version 5.11

 - Minor internal code changes.

Version 5.10

 - Rules do not use individual mutex any longer. This allows an unlimited
   number of rules.

Version 5.9

 - mod_qos_control features additional qsfilter2 settings.

Version 5.8

 - Minor improvements in status viewer.

 - 5.7 did not compile with Apache 2.0 (ap_regex).

Version 5.7

 - Important:
   QS_PermitUri, QS_Deny*, qsfilter2 apply filter rules against unescaped
   URLs where %<hex>, \x<hex> and + (new!) is unescaped.
   You should regenerate your QS_PermitUri rules using the updated
   version of the qsfilter2 tool provided by this release.

 - Very first release of mod_qos_control.

Version 5.6

 - New status viewer implementation.

Version 5.4

 - Important:
   QS_PermitUri, QS_Deny*, qsfilter2 apply filter rules against
   unescaped URLs where %<hex> and \x<hex> (new!) is unescaped.
   You should regenerate your QS_PermitUri rules using the updated
   version of the qsfilter2 tool provided by this release.

Version 5.2

 - QS_VipHeaderName creates session cookie only once.

 - VIP has no QS_LocKBytesPerSecLimit/QS_LocKBytesPerSecLimitMatch
   restrictions.

 - QS_SrvPreferNet triggers for VIP user on response header only.

Version 5.1

 - New directive QS_SrvPreferNet.

Version 4.30

 - Fixed: Segfault at server startup when no virtual host has been
   configured.       

Version 4.29

 - Debug log level lists available request header filter rules.

Version 4.28

 - Introduce request header filter.

Version 4.18

 - Introduce log message numbers and SSI support for error pages.

 - Add new directive QS_DenyInheritanceOff

 - Add qsfilter2, a tool to generate request URI allow list rules.

 - Use mod_unique_id to tag error messages.

Version 4.13

 - QS_PermitUri uses case sensitive pcre.

Version 4.11

 - Add new directive QS_PermitUri.

Version 4.8

 - Introduce generic request filtering (QS_Deny* directive).

Version 4.3

 - New handling of graceful server restart.

Version 4.2

 - QS_LocKBytesPerSecLimitMatch, QS_LocRequestPerSecLimitMatch

Version 4.1

 - QS_LocKBytesPerSecLimit

Version 4.0

 - Introduce request/response throttling.

Version 3.12

 - Update to mod_qos viewer (status handler).

Version 3.10

 - Dynamic error page definition using setenvif.

Version 3.12

 - Introduce mod_qos viewer (status handler).

Version 3.5

 - QS_KeepAliveTimeout

Version 3.4

 - QS_SrvConnTimeout

Version 3.2

 - QS_SrvMaxConnTimeout

Version 3.1

 - QS_SrvMaxConnExcludeIP

Version 3.0

 - Introduce connection level control (QS_SrvMaxConnClose QS_SrvMaxConn).

Version 2.3

 - VIP detection.

Version 2.2

 - qslog utility.

Version 2.0

 - New implementation of location based request limitation.

Version 1.3

 - Initial version (scoreboard based request limitation).