Greetings.
The last few days we have been getting 1000's of connections to
dl.fedoraproject.org from a .ru ip address. They seem to launch
thousands of downloads at once. This is causing download servers to
alert about max processes and possibly not serve content to others.
I'd like to block them in httpd for now:
(note, IP changed below, since I dont think we want to point out this IP address
for all time in our mail archives. The NN.NN.NN.NN will be replaced with the final IP
when the commit is pushed)
+1's?
kevin
--
diff --git a/modules/fedora-web/files/redirects.conf b/modules/fedora-web/files/redirects.conf
index bbd3ced..717c3fe 100644
--- a/modules/fedora-web/files/redirects.conf
+++ b/modules/fedora-web/files/redirects.conf
@@ -15,6 +15,10 @@ RewriteCond %{HTTP_REFERER} ^http://.*/feed/index\.php\?pid2=.*&sid2=.*&mb2=.*&p
RewriteCond %{HTTP_REFERER} ^http://playdot.net/.*$
RewriteRule .* - [F]
+# Drop connections from .ru site thats spawning thousands of connections at a time.
+RewriteCond %{REMOTE_ADDR} ^NN\.NN\.NN\.NN$
+RewriteRule .* - [F]
+
# Comment this when there is a prerelease available
#RewriteRule ^(/.*)?/get-prerelease.*$ $1/get-fedora [R=302]
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
