Hi,
Recently I found that there's a robot target (tailer made!) to my photo
gallery website. It try to bulk download images from my website in rapid
rate, and with "Microsoft URL control" as agent name. It even open for
public download, encourage people using the software to download images from
my website.
That's fine, I've blocked requests with "Microsoft URL control" agent header
to block it access to my web server. However, today I found that the bad
robot maker modified the software, and use something like "Mozilla/4.0 ...."
as agent header. Now I have no way to idenitify the robot using the agent
string.
I found mod_limitipconn may solve my problem, however, it would block real
user access too for my situation.
Since request from that (at most) robots does not have a "referer" header
string,
I want to modify mod_limitipconn so that :
for (any_visiting_IP) {
if ( referer == "not exist" and request_file_size > 10KB){
ip_download_count ++;
if (ip_download_count > 10){
block_the_badip_and response_403
}
}
}
However ... I'm not good in apache module API and C++ .......
Anyone can help?
Jeff
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|