Re: Protection against impolite bots

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

Thanks Nick. mod_loadavg is not very useful since we have a tomcat
behind the apache proxy doing real heavyweight work. Also mod_evasive
is a bit restrictive since it wants multiple requests to the exact
same URI or exact same apache child.

> 20 requests per second from one IP isn't necessarily abuse.  Even if
> you don't have pages containing lots of images (thus asking clients
Looking at the log file, you can easily see that it is a malicious
user. For example, client always asks the same url but with an extra
"j" appended in the search query for every new request. Sometimes the
request URL is very long. And 20 searches per second in our
application generates quite a lot of load.

> Having said that, there are a number of third-party modules to do
> what you're asking.  mod_evasive, for example, is designed for
> precisely that purpose.  See modules.apache.org for others.

> There are other approaches you could consider if the real issue
> is a heavyweight application, so that 20/sec is hurting the server.
> For example, mod_load_average can be used to refuse to run the
> heavyweight app and return a "server busy" page instead when the
> load is too high.  That way, static stuff will be unaffected by
> the heavy traffic.
>
> --
> Nick Kew
>
> Application Development with Apache - the Apache Modules Book
> http://www.apachetutor.org/
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>
>


-- 
Nilesh Bansal.
http://queens.db.toronto.edu/~nilesh/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux