...

# Simple attempt to block very basic DOS attacks over GET
#    Tolerate ~3.3 GET/s in 30s (100 GET in less than 30s)
[http-get-dos]
enabled = true
port = http,https
filter = http-get-dos
logpath   = /var/log/apache2/custom_access.log
maxRetry = 100
findtime = 30
bantime = 6000

# Simple attempt to block very basic DOS attacks over POST
#   Tolerate ~2 POST/s in 30s (60 POST in less than 30s)
[http-post-dos]
enabled = true
port = http,https
filter = http-post-dos
logpath   = /var/log/apache2/custom_access.log
maxRetry = 60
findtime = 29
bantime = 6000