RE: Freeze break request: drop http requests from abusive ip

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

+1

-----Original Message-----
From: infrastructure-bounces@xxxxxxxxxxxxxxxxxxxxxxx [mailto:infrastructure-bounces@xxxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Kevin Fenzi
Sent: Tuesday, October 29, 2013 12:37 PM
To: Fedora Infrastructure
Subject: Freeze break request: drop http requests from abusive ip

Greetings.

The last few days we have been getting 1000's of connections to dl.fedoraproject.org from a .ru ip address. They seem to launch thousands of downloads at once. This is causing download servers to alert about max processes and possibly not serve content to others.

I'd like to block them in httpd for now:

(note, IP changed below, since I dont think we want to point out this IP address for all time in our mail archives. The NN.NN.NN.NN will be replaced with the final IP when the commit is pushed)

+1's?

kevin
--
diff --git a/modules/fedora-web/files/redirects.conf b/modules/fedora-web/files/redirects.conf
index bbd3ced..717c3fe 100644
--- a/modules/fedora-web/files/redirects.conf
+++ b/modules/fedora-web/files/redirects.conf
@@ -15,6 +15,10 @@ RewriteCond %{HTTP_REFERER} ^http://.*/feed/index\.php\?pid2=.*&sid2=.*&mb2=.*&p
 RewriteCond %{HTTP_REFERER} ^http://playdot.net/.*$  RewriteRule .* - [F]

+# Drop connections from .ru site thats spawning thousands of connections at a time.
+RewriteCond %{REMOTE_ADDR} ^NN\.NN\.NN\.NN$ RewriteRule .* - [F]
+
 # Comment this when there is a prerelease available  #RewriteRule  ^(/.*)?/get-prerelease.*$ $1/get-fedora [R=302]
NOTICE:

This message, and any attachments, contain(s) information that may be confidential or protected by privilege from disclosure and is intended only for the individual or entity named above. No one else may disclose, copy, distribute or use the contents of this message for any purpose. Its unauthorized use, dissemination or duplication is strictly prohibited and may be unlawful. If you receive this message in error or you otherwise are not an authorized recipient, please immediately delete the message and any attachments and notify the sender.
_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure
[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux