On Sat, Dec 08, 2007 at 10:25:06AM -0800, Charles Michener wrote: > I have a 'not too bright' router that does not allow me to block naughty IP's from my Apache 2.2 server so I am successfully blocking them from Apache using the 'Deny from' directive. > > What performance load do I get as I add more IP's to my Deny list? > > Is it better to keep adding separate 'Deny from xxxx' lines or should I be using one line: 'Deny from xxxx yyyy zzzz ...' How many addresses do you want to block that way? Dozens? Hundreds? Thousands? Naughty IP's sounds dynamic. Not sure Apache is the best place to block them. Ever thought about a firewall? Otherwise: Try to find out with apache bench (ab). It's really quite simple. If you stick to reasonable numbers, I do not see much of a performance problem. regs, Christian --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|