Version 10.28

 - Fixed: QS_ClientEventLimit did overwrite counters of other
   clients if multiple events have been configured.

Version 10.27

 - qslog features the option "-pu" and "-puc" used to gather
   request information on a per URL basis.

 - Fixed: Wrong includes within the support utilities.

 - Extends QS_ClientSerialize max. timeout from 1 to 5 minutes.

Version 10.26

 - QS_ClientSerialize supports the QS_ClientIpFromHeader directive.

 - Refactor method used to determine redirect port (user tracking)
   supporting servers not using virtual hosts.

 - Fixed: QS_UserTrackingCookieName uses correct server_rec to
   retrieve configuration.

 - Hook implementing user tracking is now called after mod_unique_id.

 - Slightly changed unique-id generator.

 - Adds fflush() to qsgrep utility when writing data to stdout.
 
Version 10.25

 - QS_EventLimitCount writes the current value to the process
   environment variables.

 - Fixed: QS_[Cond]ClientEventLimitCount logs request id and propagtes
   message code (067) to the QS_ErrorNotes variable.

 - New variable QS_IPConn representing the number of connections
   opened from the very same source IP (works in conjunction with
   QS_SrvMaxConnPerIP only).

Version 10.24

 - New directive QS_CondClientEventLimitCount.

 - QS_SrvMinDataRate: limits the max. data rate to the configured
   value (prevents invalid rate due to misconfiguration server or
   died child process).

Version 10.23

 - Fixed: QS_ClientEventLimitCount log message 067 contains now
   the IP address of the request header if QS_ClientIpFromHeader
   is used.

 - QS_SetEnvRes: supports multiple variables with the same name.

Version 10.22

 - Process QS_SetEnvResHeader(Match) and QS_SetEnvRes at error
   filter too.

Version 10.21

 - Fixed: qslogger may had detected the wrong message severity.

 - Adds debug message when detecting "NullConnection" events.

 - Built-in request header rules: adapt If-Match, If-None-Match,
   Cookie, and Cookie2 HTTP header patterns.

Version 10.20

 - Fixed: QS_CondLocRequestLimitMatch did work only if other QS_Loc*
   directive had been configured.

Version 10.19

 - New directive QS_RedirectIf.

Version 10.18

 - QS_ClientEventLimitCount may be cleared by environment
   variable (suffixed by "_Clear", e.g. QS_Limit_Clear).
 
Version 10.17

 - QS_ClientEventLimitCount supports unlimited number of events.

 - Stores the value of the QS_ClientEventLimitCount variables as
   environment variables suffixed by "_Counter", e.g. QS_Limit_Counter
   for the default QS_Limit variable, in order to be processed by
   other rules.

 - Add Content-Security-Policy to the default response header
   white list.

 - qslog features enhanced "-pc" mode providing more information:
   * Collects content type information (%{content-type}o).
   * Duration between the first and the last request.
   * Average response in ms.
   * "ci" indicates if we have seen the client at the end or the
     beginning of the file (maybe not all requests in the log
     due to log rotation).
   * Bytes downloaded.
   * Writes status characters to stderr.
   * HTTP request methods (GET/POST)

- qsgeo features option "-l" and is able to process "qslog -pc"
  files.

Version 10.16

 - qslog adds 'E' (event identifiers) to the format string.
   QSEVENTPATH environment variable specifies a file containing
   all known event names (comma separated list).

 - qslog average counter (a/A) count only if a numeric value
   is available.

 - qssing does not try to execute invalid program name (space only).

Version 10.15

 - qsrotate supports DST and offset to UTC.

 - Add the "connections" argument to the QS_SrvMaxConnPerIP directive
   to disable the rule enforcement on idle web servers.

Version 10.14

 - Minor changes to status viewer (color for QS_EventLimitCount
   counter).

 - Q3594444: adapted man page subject.

 - QS_ErrorResponseCode verifies that the defined error code is
   valid resp. known by Apache.

 - Add option "-b" to the qsrotate utility.

Version 10.13

 - Add new directive QS_EventLimitCount.

Version 10.12

 - Fixed: Per-client status viewer did not show numbers correctly
   (depending on the platform it has been compiled for).

Version 10.11

 - Don't write QS_ClientEventBlockCount event messages (060) every
   time a client is blocked.

 - Adjust log message severity of permitted QS_SrvMinDataRate rule
   violations from 'info' to 'debug'.

Version 10.10

 - Add DNT HTTP request header to the default request header white list.

 - qslog "-pc" supports counting established connections.

 - Fixed: Endless loop when using option "-c" with only one rule.

 - New utility qshead.

Version 10.9

 - Q3535677: Don't use prce_info() any longer.

 - qslog option "-x" allows the specification how many files to keep.
   Default are 14 days.

 - qslog counter 'a', 'A', and 's'.

 - Adapted log message mod_qos(069)

 - QS_ClientIpFromHeader@logger searches for the header in r->prev
   and r->main too.

Version 10.8

 - Fixed: QS_SetEnvIfResBody did not properly detect pattern.

 - qslogger features severity filter (forward only messages with a
   matching/higher severity) and adjustable default severity for those
   log lines which do not contain the severity pattern.

Version 10.7

 - Writes notice message at server startup if the Apache version
   is not supported (mod_qos has been implemented for Apache 2.2
   worker binaries only).

 - Use pcre_study() API call only if QOS_EXTRA_USE_PCRE_STUDY has been
   defined while compiling mod_qos.

 - Adds fflush() to qslogger/qsexec/qsgeo/qslogger utility when writing
   data to stdout.

Version 10.6

 - qslog measures average response time in milliseconds (avms).

 - Fixed: Viewer shows number of per client ip connections if no server
   limitations are set (query "option=ip").

 - Fixed: qslogger did not compile on non-Linux platforms.

Version 10.5

 - New utility: qslogger.

 - JSON includes array index number (note: you need to adapt
   existing JSON rules).

 - Experimental: mod_qos compiles with Apache 2.4
   * QS_SrvMinDataRate is not available (does not work, use mod_reqtimeout
     instead)
   * QS_Srv* directives shall not be used (connection cleanup takes
     very long)

Version 10.4

 - Improved qs* utility performance. 

Version 10.3

 - Fixed: ABR in QS_SetEnvIfResBody.

Version 10.2

 - Fixed: QS_Milestone uses now URL decoding before applying the
   expression (pcre).

 - Add the qsgeo utility to the distribution archive file.

 - Fixed: Supress warning message about missing mod_unique_id
   if mod_navajo.cpp is available.

 - New connection correlation id QS_ConnectionId (available as
   an event for logging purposes).

Version 10.1

 - QS_ClientIpFromHeader may be used to set QS_Country variable.

 - Viewer shows QS_AllConn variable.

Version 10.0

 - New directives QS_ClientGeoCountryDB and QS_ClientGeoCountryPriv.

 - New variables: QS_AllConn and QS_Country.

Version 9.79

 - Fixed: Wrong IP conversion (str2long) used by console and
   QS_ClientIpFromHeader.

Version 9.78

 - Fixed: QS_UserTrackingCookieName enforcement did not work
   if server creates internal redirect.

Version 9.77

 - Use pcre_study() and match_limit where applicable.

 - qslog features the option "-c" to collect separate statistics,
   e.g., for different URLs.

 - qslog features the option "-pc" used to gather request information
   per client.

 - New directive QS_SrvSampleRate (may be used to adjust the
   QS_REQ_RATE_TM sample rate at runtime/post compilation). Not
   documented.

 - Fixed: qslog line parsing bug (double backslash).

Version 9.76

 - New directive QS_ClientIpFromHeader (may be used in conjunction
   with QS_ClientEventLimitCount only).
 
 - qslog measures new connections per minute (%k == 0).

 - Fixed: Don't show connections in the overview if not measured.

 - Internal: QS_EventRequestLimit are added (insted of set) to the
   event table in order to prevent multiple increments by the very
   same request.

Version 9.75

 - New directive QS_SetEnvRes.

 - Viewer keeps value about the last measured kbytes/second result
   for a longer time.

 - Update documentation (description of QS_LocKBytesPerSecLimit* 
   directives).

Version 9.74

 - Fix header file in qsfilter2 (possible compile problems).

 - Fix pre connection handling for outgoing (mod_proxy) connections.

Version 9.73

 - Q3429879: Format usage text of the mod_qos utilities to man page
   format. Use "<utility> --man" to generate the man page.

 - Make "NullConnection" detection (known by QS_SetEnvIfStatus)
   more aggressive.

Version 9.72

 - Module tries to detect a suitable default error document for
   QS_ErrorPage automatically.

 - New status "NullConnection" known by QS_SetEnvIfStatus detecting
   TCP connections which are not used to send a HTTP request (closed
   without transmitting HTTP request line and header or denied
   by any other module).

 - QS_ClientEventBlockCount is processed at pre_connection hook
   (more aggressive, before mod_ssl).

 - Supress warning message about missing mod_unique_id if mod_navajo
   is available.

Version 9.71

 - QS_RequestHeaderFilterRule and QS_ResponseHeaderFilterRule may
   be configured within a host (outside location).

 - QS_ResponseHeaderFilterRule features the action "silent" which drops 
   header silently without writing a log message.

 - Headers X-Content-Type-Options and X-XSS-Protection has been added
   to the default response header rules.

 - Fixed: Bug in JSON parser.

 - Fixed: Propagation of Apache environment variables to sub-requests
   (solves bug when using QS_ClientEventBlockCount and ErrorDocument).

Version 9.70

 - QS_EventPerSecLimit and QS_EventKBytesPerSecLimit counters are no
   longer updated if a request has already been denied by a
   QS_EventRequestLimit rule.

 - QS_LocRequestPerSecLimit* and QS_LocKBytesPerSecLimit* counter
   are no longer updated if a request has already been denied by a
   QS_LocRequestLimit* rule.

 - Adjust attributes/number of requests required to identify the
   client behavior.

 - Update request header white list rule for Content-Type.

Version 9.69

 - Client behavior (content type a client is downloading) is calculated
   in a percent of the whole trafic type distribution. The directive
   QS_ClientTolerance supports only values between 5 and 80.

 - Add directive QS_ClientContentTypes to define the normally downloaded
   content types statically (instead of self learning).

 - Detection if module has been build for a different MPM implementation
   than the server is using at runtime.

 - JSON parser processes request query (if starting with an array '['
   of object '{') if no body is available.

 - qssing supports additional log format detection.

 - qslog supports request time duration measurement in milli- and
   microseconds too (t and D instead of T).

 - qslog isolates numeric values (B, i, T, t, D, S) even they are
   surrounded or prefixed by other characters, e.g. time="<number>".

 - qslog treats single quoted string with (short) leading name and eaual
   sign (e.g., agent='Mozilla 1') as single element (offline mode only).

 - qslog extracts additional time formats (offline mode).

 - Added "X-Do-Not-Track" to the built-in request header white list.

 - Minor changes within the status viewer (machine-readable view).

Version 9.68

 - Change in order to support HP-UX.

Version 9.67

 - Fixed: QS_ClientSerialize has required other client level control
   directive.

Version 9.66 

 - Client data store updates entry time stamp every access.

Version 9.65

 - Fixed: Could not compile the support utility qscheck.

 - qsexec features option "-c" (pattern clearing the event counter).

Version 9.64

 - New utility: qsexec

 - Dynamic client data store partition (depending on the size of the
   store as defined by QS_ClientEntries) for improved performance.

Version 9.62

 - Some code refactoring (performance improvements, no functional changes).

Version 9.61

 - New directive QS_LogOnly may be used to disable rule enforcement
   (permissive mode).

 - Minor changes within the status viewer.

 - "QS_SetEnvIfStatus QS_SrvMinDataRate QS_Block" limits the allowed
   number of QS_SrvMinDataRate rule violations.

Version 9.60

 - Fixed: QS_ClientEventBlockCount/QS_ClientEventLimitCount get not reset
   if client causes events continuously.

Version 9.58

 - Fixed: IP does not get marked as VIP if QS_ClientPrefer has not
   been defined.

 - New variable QS_ErrorNotes.

 - Add "Transfer-Encoding" (very strict) to the built-in request header
   white list.

Version 9.57

 - Status viewer features query name "refresh" which causes the browser
   to reload the page every 10 seconds.

Version 9.56

 - Clear per client data store counters at graceful restart to prevent
   dead enties (counter grow) due unclear client shutdown.

 - qsfilter2 features url filter (-f).

 - QS_ClientSerialize does not block for more than 10 minutes.

Version 9.55

 - Minor changes in configure script (autotools) of the support
   utilities (png library name).

 - Add allowed response header X-Content-Security-Policy.

 - Fixed: qslog cuts last character if parameter is at end of line.

 - Fixed: qsfilter2 handling of 0 byte characters.

Version 9.54

 - QS_SetEnvIf may unset a variable.

 - New variable QS_IsVipRequest.

Version 9.53

 - Re-introduce qscheck to the support utilities tarball.

Version 9.52

 - Double per client data store speed (insert new entries) by partitioning
   of odd and even ip addresses.

 - Overview section in qos viewer (showing connections and load).

 - Remove packet-rate measurement.

Version 9.51

 - Set IP based VIP status to connection even before we receive the
   HTTP request.

 - New argument "connections" for the QS_SrvMinDataRate directive allows to
   disable the limitation if the server is idle/has only little traffic.

 - Adapt built-in request header filter rules.

Version 9.49

 - Adapt built-in request header filter rules.

 - New utility: qsgrep.

 - Change process order: process QS_SetEnvResHeader after
   QS_SetEnvResHeaderMatch.

 - New directive QS_UnsetResHeader.

 - New directive QS_ClientEventLimitCount (works similar as
   QS_ClientEventBlockCount but enforces rule at request level only).

Version 9.48

 - qslog supports mod_logio (%I and %O).

 - Re-introduce deprecated QS_SetEnvStatus directive (for
   backwards compatibility).

Version 9.47

 - QS_SetEnvIfStatus may be used within Locations.

 - Sequence: execute QS_SetEnvIfStatus earlier (before QS_SetEnvResHeader).

 - Remove directive QS_SetEnvStatus (alias for QS_SetEnvIfStatus).

Version 9.46

 - QS_VipUser/QS_VipIpUser detects r->user earlier (@fixup).

 - QS_KeepAliveTimeout allows value "0" disabling keep-alive.

 - Process QS_KeepAliveTimeout variable at response too.

 - QS_SetEnvIfStatus may be specified multiple times for the same
   response code.

 - QS_SetEnvIfStatus accepts the definition of a variable value.

Version 9.45

 - Add directive QS_ClientSerialize.

 - qslog used new parameter names for event message counts.

Version 9.44

 - Add directive QS_DisableHandler.

Version 9.43

 - QS_ClientEventBlockCount rule violation marks client to have low priority.

Version 9.42

 - Console "action=search&address=*" returns a list of all clients.

 - Fixed: Removes the apr_shm_destroy() calls to avaoid double-free
   errors on Linux with old APR library versions.

Version 9.41

 - Fixed: Console action 'block' did not set event number.

Version 9.40

 - Fixed: Search IP in console

 - Fixed: User tracking set-cookie is set twice.

 - Process QS_SetEnvIfStatus on internal errors (protocol).

Version 9.38

 - Web console allows the modification of attributes of entries within
   the client data store.

 - Status viewer supports query "ip" (showing the IP addresses of
   the connected clients for all open TCP connections) in
   machine-readable version.

 - Status viewer used new delimiter within rule names on machine-readable
   version (query "auto").

Version 9.37

 - Changed QS_ClientPrefer behavior:
   - never block VIP IP
   - step 1 denies slow marked clients only

 - Set the QS_ClientLowPrio variable for clients with low priority.

 - qssign: add option "-e" which ensures we don't lost any lines.

 - Update built-in header validation pattern.

Version 9.36

 - QS_SrvMinDataRateOffEvent processing at fixup (request).

 - Use apr_time_t instead of time_t.

Version 9.34

 - qslog counts response status codes per minute.

 - Use apr_time_t instead of time_t.

Version 9.33

 - User tracking cookie enforcement may be disabled by setting the 
   DISABLE_UTC_ENFORCEMENT environment variable, e.g. for certain
   User-Agent headers.

Version 9.32

 - Status viewer returns "text/plain" for request query 'auto'.

Version 9.31

 - qsfilter2: encode double quotes and backslashes using their hex
   values (no escaping within Apache configuration necessary).

 - Featuring JSON parser which may be used in conjunction with QS_PermitUri.

Version 9.30

 - Fixed: qsfilter2 did not compile with OpenSSL 1.0.0.

Version 9.29

 - Add Strict-Transport-Security to the default response header rules.

 - Directive QS_UserTrackingCookieName features an optional
   "path" attribute. This path specifies a local error page
   which is shown to users not accepting the user tracking
   cookie (note: search engines do probably not support this cookie
   enforcement and won't be able to crawl the site).

 - Generates a simple request id (unique per pid/tid within a
   millisecond) if mod_unique_id has not been loaded.

 - Fix: syntax check for QS_ErrorPage.

Version 9.28

 - QS_ErrorPage supports external HTTP redirect (302).

 - qsfilter2 features a rule id prefix (-k <prefix>).

 - qsfilter2 may process audit log using the sample log
   format "%h %>s %{qos-loc}n %{qos-path}n%{qos-query}n"
   without pre-processing.

Version 9.27

 - Remove qscheck utility (don't compile it by default).

 - New variable %{qos-loc}n indicating the Location matching a
   request (may be used to filter the audit log for dedicated
   locations in order to generate QS_PermitUri rules).

 - qsfilter2 may process "standard" Apache access log (TransferLog)
   files too (automatically detecting the request line).

 - Several adaptions/fixes to the machine-readable version of
   the status viewer.

Version 9.26

 - Fix: no mutex destroy (called by register cleanup when
   destroying pools). Should fix the restart issues with
   MPM prefork binaries.

 - Renew user tracking cookie once every month.

Version 9.25

 - Compile utilities using GNU autotools (hope this works at least on
   some Linux platforms).

Version 9.24

 - QS_SrvMinConnPerIP: don't log every rule violation (consolidate log
   messages and log only every 20th event, see QS_LOG_REPEAT).

 - Fixed: Removes thread_join for MPM prefork binaries.

Version 9.23

 - New directives: QS_MileStone*.

 - Q3032708: see http://www.openssl.org/support/faq.html#LEGAL2.

 - Add Access-Control-Allow-Origin to the default response header rules.

Version 9.22

 - New variable: QS_SrvConn

 - qslog shows total number of requests within a minute.

Version 9.21

 - New directive QS_UserTrackingCookieName.

Version 9.20

 - Fixed: Racing condition when using QS_SrvMinDataRate
   and ThreadsPerChild > 64 may cause segfault.

Version 9.19

 - Fixed: Segfault at server start if no vhost has been
   defined.

 - QS_SrvMinDataRateOffEvent may be used at server and/or
   location level.

Version 9.18

 - QS_SrvMaxConnClose supports the definition of the number
   of keep-alive connections as a percentage of MaxClients.

 - Update built-in filter pattern of QS_HeaderFilter.

Version 9.17

 - Output filters are executed after mod_setenvifplus.

Version 9.16

 - New directive QS_SrvMinDataRateOffEvent.

 - Changes directive process order (QS_SetEnvIfStatus).

 - QS_SrvMinDataRate enforces keep-alive timeout (request line
   must be received within the keep-alive timeout).

Version 9.15

 - New directives QS_ResponseHeaderFilter and QS_ResponseHeaderFilterRule.

Version 9.14

 - New directive QS_Decoding.

Version 9.12

 - New directive QS_SemMemFile.

 - Uses a checksum to represent IPV6 addresses.

Version 9.10

 - Fixed: ap_remove_input_filter().

 - MaxClients overrides ServerLimit/Treads settings when
   calculating the maximum number of possible client
   connections.

 - Log/debug message about used semaphore files.

Version 9.9

 - New implementation of the code for QS_SrvMaxConnPerIP
   to avoid malfunction reported by mod_qos user.

 - Module dependency (execution order) to mod_setenvifplus.

Version 9.8

- Internal code changes/maintenance (join thread).

Version 9.7

- mod_qos may be compiled defining QS_NO_STATUS_HOOK which
  prevents mod_qos from registering to mod_status.

Version 9.6

- Environment variable QS_DeflateReqBody to deflate request
  body data (update to mod_parp 0.8 in order to get a correct
  content-length header after data deflating).

Version 9.5

- New directives QS_SetReqHeader and QS_SetEnv.

Version 9.4

- Fixed: Variable %{qos-query} is not set when using the 
  QS_DenyQueryBody directive (and neither QS_DenyBody nor
  QS_PermitUriBody has been set).

- Increased line buffer for qsfilter2 (2MB). 

Version 9.3

- New directive QS_SetEnvResBody.

Version 9.2

- New syntax:
  QS_VipHeaderName <header name>[=<regex>] [drop]
  QS_VipIPHeaderName <header name>[=<regex>] [drop]

Version 9.1

- QS_ClientEventRequestLimit limits the number of concurrent
  events on a per client IP address basis (again increasing
  the per client memory consumption).

Version 9.0

 - Client level control: request characteristics measuring adds
   content type ration and number of 304 responses (requires now
   64bytes instead of 48bytes per client on a 32bit system).

 - Improved client level control (behavior detection, see above)
   is processed by the QS_ClientPrefer directive.
   Directive QS_ClientTolerance controls the allowed variation.

 - Directive QS_SrvPreferNet has been removed. It's recommended
   to use QS_ClientPrefer instead.

Version 8.18

 - Q2841328: remove nasty pointer address cast to int.

Version 8.16

 - Q2834297: use a single mutex for all per virtual host ACT
   tables (too many mutexes if a server uses many virtual
   hosts).

Version 8.15

 - New variable QS_Delay.

Version 8.14

 - New directive QS_SrvDataRateOff.

Version 8.13

 - New directives QS_DenyQueryBody and QS_PermitUriBody
   obsolte QS_DenyBody.

 - Fixed: QS_Deny*/QS_Permit* directives can handle strings
   containing 0 bytes (qsfilter2 still can't).

Version 8.12

 - New directive QS_InvalidUrlEncoding.

Version 8.11

 - Fixed: Change Apache 2.0 ifdef statements in order to
   compile with any compiler.

Version 8.10

 - Fixed: Did not compile with Apache 2.0.

Version 8.9

 - QS_LimitRequestBody may be defined using mod_setenvif.
   See new directive order in mod_qos_seq.gif

 - mod_qos uses anonymous shm by default.

 - Use constant semaphore/shared memory file names in order
   to reuse resources after unclear server shutdown.

Version 8.5

 - New directive QS_EventKBytesPerSecLimit.

 - New structure of the source archive tarball, see
   index.html#build for more information about building
   the binaries.

Version 8.3

 - QS_RequestHeaderFilterRule has new syntax.

 - QS_RequestHeaderFilter checks the header length too.
   It's possible to use "QS_RequestHeaderFilter size" for
   header length checking only (instead of using
   LimitRequestFieldsize).

Version 8.2

 - Fixed: Client prefer, don't mark connection timeout at
   keep alive end (used in conjunction with QS_ClientPrefer).

 - Access log events (mod_qos_ev, mod_qos_cr, mod_qos_con)
   are stored as variables (storing them in the out headers
   will be removed in one of the next release).

Version 8.1

 - Fixed: Checks for enabled cc in input filter.

 - Don't allow requests without an URL.

Version 8.0

 - New server configuration merger: settings within virtual
   hosts are merged with the settings from the base server
   (directives outside virtual hosts). Virtual host settings
   do not overwrite base settings any more.

 - New directive QS_LimitRequestBody.

Version 7.20

 - Fixed: Url decoding detecting %HH encoding (full range).

Version 7.19

 - QS_DenyEvent may be used to block requests which do NOT have
   the specified event set.

 - QS_DenyEvent is applied after the QS_SetEnvIf* directives.
   See mod_qos_seq.gif for more details.

Version 7.18

 - QS_Deny/Permit logs on severity warning if action is log only.

Version 7.17

 - QS_SetEnvIfBody recognizes the occurrence of $1 within
   the variable value and replaces it by the subexpressions
   of the defined regex pattern.

Version 7.16

 - Set audit log variables at header parser hook.

Version 7.15

 - Directive QS_EventRequestLimit may match variable values too.

 - New directive QS_SetEnvIfBody.

 - Audit log is enabled based on the defined log format variables.

Version 7.14

 - New directive QS_DenyBody implements generic request body
   filter which can be used in conjunction with QS_DenyQuery,
   QS_PermitUri, and body data audit log (to be processed
   my qsfilter2).

Version 7.13

 - Changed directive processing order, see mod_qos_seq.gif.

 - New directive QS_SetEnvIfParp (requires mod_parp,
   see http://parp.sourceforge.net).

   Important:
   mod_parp and the QS_SetEnvIfParp directive copies
   the whole HTTP request message body into the servers
   memory (requires at least twice the memory size of
   the posted data). It is very important that you
   limit the messagy body size for requests processed
   my mod_parp/QS_SetEnvIfParp using the Apache directive
   LimitRequestBody.

 - New directive QS_DenyEvent.

 - Chuck out mod_qos_control.

Version 7.12

 - Process event filter only if some rules have been
   defined.

 - Recovery rate (decreas limitation) for bandwidth and
   and request limit has been increased from 16% to 25%.

Version 7.11

 - New directive QS_EventRequestLimit.

Version 7.9

 - Fixed: QS_SrvMinDataRate/QS_SrvRequestRate counts all
   server connections (not only per child process).

Version 7.8

 - Directive QS_SrvMinDataRate/QS_SrvRequestRate supports
   min/max limitation in order to increase the minimum
   upload/download bandwith on multiple simultaneously
   connections.

 - Fixed: Activation of QS_SrvMinDataRate did not work
   (QS_SrvRequestRate only).

Version 7.7

 - New directive QS_SetEnvIfQuery.

Version 7.6

 - Use the HTTP response code defined by QS_ErrorResponseCode
   (default is 500) settings for all denied requests expect
   for those requests rejected to a QS_Deny*, QS_Permit*, or 
   QS_RequestHeaderFilter rule.

Version 7.5

 - New diretive QS_ErrorResponseCode

 - Multiple directives (QS_LocRequestLimit, QS_LocRequestLimitMatch,
   QS_CondLocRequestLimitMatch, QS_ClientEventBlockCount, and
   QS_ClientEventPerSecLimit) allow now a limitation set to "0".

 - QS_SrvMinDataRate replaces QS_SrvRequestRate.

Version 7.4

 - QS_SrvRequestRate supports chunked POST.

Version 7.3

 - Partial (not for chunked post) fixed error message
   for slow server response when using QS_SrvRequestRate.

Version 7.2

 - New directive QS_SetEnvResHeaderMatch

Version 7.1

 - QS_SrvMaxConnExcludeIP works for QS_SrvRequestRate
   (may be used to allow selected IP sources, e.g. slow
   spider).

Version 7.0

 - New directive QS_SrvRequestRate enforces minimum
   upload bandwith (used for TCP DoS prevention).
   Requires thread support.

 - QS_ClientPrefer allows definition of free connections
   in percent in order to override the default of 80%.
   Available for Apache 2.2 only.

 - QS_SrvConnTimeout is no longer available.
   You may use QS_SrvRequestRate instead.

Version 6.7

 - Detects low priotity clients (clients sending slow
   or using small data packets get marked as low
   priority clients). 

 - New directives QS_VipUser and QS_VipIpUser.

 - Status viewer shows information about client (IP)
   control status.

Version 6.6

 - mod_status handler hook supports short status flag.

Version 6.5

 - New directive QS_SetEnvResHeader.

 - mod_qos_control supports QS_SetEnvIf, QS_SetEnvStatus, and
   QS_SetEnvIf directive editing.

Version 6.4

 - New directive QS_SetEnvStatus.

 - QS_SetEnvIf for response processing (log transaction).

 - QS_ClientEventBlockCount on response events (log transaction).

Version 6.3

 - New directive QS_VipIPHeaderName to mark clients (IP)
   without providing them full VIP privileges.

 - Add details to log messages.

Version 6.2

 - New command: QS_ClientEventPerSecLimit.

Version 6.1

 - QS_SetEnvIf supports "NOT" operator.

 - Sets QS_VipRequest variable when receiving valid session
   cookie.

Version 6.0

 - mod_qos features per client (IP) control rules.

 - QS_ClientPrefer, prefers known VIP clients.

 - QS_ClientEventBlockCount, blocks clients on events.

Version 5.17

 - New directive QS_EventPerSecLimit allows req/sec limitation
   for requests causing an event.

 - New directive QS_SetEnvIf allows combination of multiple
   environment variables.

 - Fixed: sem/shm leak when using QS_SrvPreferNet.

Version 5.16

 - Mark QS_CondLocRequestLimitMatch in status viewer.

Version 5.15

 - New directive QS_CondLocRequestLimitMatch allows conditional
   request level rules.

Version 5.14

 - Remove "nicetitles" from status viewer.

Version 5.13

 - Again, minor status viewer changes.

Version 5.12

 - Status viewer uses "nicetitles" to show long rule strings.

Version 5.11

 - Minor internal code changes.

Version 5.10

 - Rules do not use individual mutex any longer. This allows
   an unlimted number of rules.

Version 5.9

 - mod_qos_control features additional qsfilter2 settings.

Version 5.8

 - Minor improvements in status viewer.

 - 5.7 did not compile with Apache 2.0 (ap_regex).

Version 5.7

 - Important:
   QS_PermitUri, QS_Deny*, qsfilter2 apply filter rules against
   unescaped URLs where %<hex>, \x<hex> and + (new!) is unescaped.
   You should regenerate your QS_PermitUri rules using the updated
   version of the qsfilter2 tool provided by this release.

 - Very first release of mod_qos_control.

Version 5.6

 - New status viewer implementation.

Version 5.4

 - Important:
   QS_PermitUri, QS_Deny*, qsfilter2 apply filter rules against
   unescaped URLs where %<hex> and \x<hex> (new!) is unescaped.
   You should regenerate your QS_PermitUri rules using the updated
   version of the qsfilter2 tool provided by this release.

Version 5.2

 - QS_VipHeaderName creates session cookie only once.

 - VIP has no QS_LocKBytesPerSecLimit/QS_LocKBytesPerSecLimitMatch
   restrictions.

 - QS_SrvPreferNet triggers for VIP user on response header
   only.

Version 5.1

 - New directive QS_SrvPreferNet.

Version 4.30

 - Fixed: Segfault at server startup when no virtual host has
   been configured.       

Version 4.29

 - Debug log level lists available request header filter rules.

Version 4.28

 - Introduce request header filter.

Version 4.18

 - Introduce log message numbers and SSI support for error pages.

 - Add new directive QS_DenyInheritanceOff

 - Add qsfilter2, a tool to generate request URI white list rules.

 - Use mod_unique_id to tag error messages.

Version 4.13

 - QS_PermitUri uses case sensitive pcre.

Version 4.11

 - Add new directive QS_PermitUri.

Version 4.8

 - Introduce generic request filtering (QS_Deny* directive).

Version 4.3

 - New handling of graceful server restart.

Version 4.2

 - QS_LocKBytesPerSecLimitMatch, QS_LocRequestPerSecLimitMatch

Version 4.1

 - QS_LocKBytesPerSecLimit

Version 4.0

 - Introduce request/response throttling.

Version 3.12

 - Update to mod_qos viewer (status handler).

Version 3.10

 - Dynamic error page definition using setenvif.

Version 3.12

 - Introduce mod_qos viewer (status handler).

Version 3.5

 - QS_KeepAliveTimeout

Version 3.4

 - QS_SrvConnTimeout

Version 3.2

 - QS_SrvMaxConnTimeout

Version 3.1

 - QS_SrvMaxConnExcludeIP

Version 3.0

 - Introduce connection level control (QS_SrvMaxConnClose QS_SrvMaxConn).

Version 2.3

 - VIP detection.

Version 2.2

 - qslog utility.

Version 2.0

 - New implementation of location based request limitation.

Version 1.3

 - Initial version (scoreboard based request limitation).
