Re: Limit download of data by IP address?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


uxwrstre wrote:
> Hello,
>
> is there a possibility to limit the download of IP addresses per day?
> For example that an IP address could not download more than 1 Gbyte per day of the apache server? Is there somewhere a module doing that?
>
> My problem is that my server gets all the time D.o.S. attacks, the attacker tries to download big files multiple times, and I would like to limit this per day.
>
> Best regards,
> saf
>
>   

Depending on your audience you do have a few real options, as has been
said you can use mod_cband, or mod_bw to limit rate by file and by
mimetype etc... This might ensure that you always have enough spare
bandwidth to serve real requests.
You can store information about this particular user, and refuse them
permission to do this, I am thinking shared objects in flash. Increasing
the complexity will force the user to be human. Little tests like the
Google captcha you get if you search too many times from the address bar
in a short space, are cool here.
You can force them to authenticate for large files, and if you do this,
use a gateway script to chunk out the file and refuse more that one
connection and allow only one connection per user. If you force https
for the connection you will learn about them as well, this way you can
cut through some of the more usual problems. Most windows machines leak
back other data to the OS your server is running on, and it is more than
possible to profile the particular user this way.
How well do you know you user base, can you not ban many locations, or
time ban the locations that shouldnt be active at that time. How high
profile is your site, if it worth the money there are CDNs out there, if
not, you can consider rotating the availability of the new downloads as
the sun rotates round the earth for non authenticated users. It does
depend on what the files are and how your users would react.
Finally you can use a free content distribution service like Coral -
which works if the attacks are coming in relatively quickly.

-- 
Matthew Farey



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux