Hello,

we are running Squid as an accelerator and load balancer in front of a web server farm.
The problem is that the main content of the farm is badly cacheable (some type of search engine, so HITs are mainly on pictures etc. but not on content), so much of the traffic is hitting the web servers directly.
Some kiddies are running scripts against the farm, which results in something like a denial of service attack due to heavy load on the web servers.
To avoid this, we are thinking about something like a "throttling redirector", which should be configurable to limit the number of requests from a specific IP. I.e. we would allow 20 requests in 20 seconds; the 21st and following requests should be denied for, let's say, the next 60 seconds.
I know about acl maxconn, but this is not what we want (we don't want to limit the number of connections, but the number of content requests per time period).
Any ideas?

Regards,
Stefan Hartmann

-- 
09-f9-11-02-9d-74-e3-5b-d8-41-56-c5-63-56-88-c0
---
OnlineDienst Nordbayern          | http://www.odn.de/      |
Internet-Systemhaus GmbH & Co.KG | E-Mail: hartm@xxxxxx    | Hosting, Housing
Steinstr. 19                     | Tel: 0911 / 933877-0    | Consulting, VoIP
90419 Nuernberg - Germany        | Fax: 0911 / 933877-55   | Programming
Managing director Christiane Teichgräber | AG Nürnberg HRA 13304 |
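The policy described in the message above (20 requests per 20 seconds per client IP, then a 60-second deny period), sketched as a redirector helper. This is an added example, not code from the post or from the Squid project. It assumes Squid's classic line-based redirector interface without helper concurrency (one `URL ip/fqdn ident method` line in, one line out, empty meaning "unchanged"); `Throttle`, `client_ip` and `DENY_URL` are hypothetical names.

```python
import sys
import time
from collections import defaultdict, deque

LIMIT, WINDOW, PENALTY = 20, 20.0, 60.0       # figures taken from the post
DENY_URL = "http://127.0.0.1/throttled.html"  # hypothetical deny page


class Throttle:
    """Sliding-window request counter with a fixed deny period per client IP."""

    def __init__(self, limit=LIMIT, window=WINDOW, penalty=PENALTY):
        self.limit, self.window, self.penalty = limit, window, penalty
        self.hits = defaultdict(deque)  # ip -> timestamps of allowed requests
        self.blocked_until = {}         # ip -> time at which the deny period ends

    def allow(self, ip, now):
        until = self.blocked_until.get(ip)
        if until is not None and now < until:
            return False                      # still inside the deny period
        self.blocked_until.pop(ip, None)      # deny period over (or never set)
        q = self.hits[ip]
        while q and now - q[0] >= self.window:
            q.popleft()                       # forget requests older than the window
        if len(q) >= self.limit:              # this request exceeds the limit
            self.blocked_until[ip] = now + self.penalty
            q.clear()
            return False
        q.append(now)
        return True


def client_ip(line):
    """Extract the client IP from an assumed 'URL ip/fqdn ident method' line."""
    fields = line.split()
    return fields[1].split("/")[0] if len(fields) > 1 else None


def main():
    throttle = Throttle()
    for line in sys.stdin:
        ip = client_ip(line)
        ok = ip is None or throttle.allow(ip, time.monotonic())
        # Empty reply leaves the URL unchanged; otherwise rewrite to the deny page.
        sys.stdout.write(("" if ok else DENY_URL) + "\n")
        sys.stdout.flush()


if __name__ == "__main__":
    main()
```

Each helper process keeps its own counters, so with several redirector children the effective per-IP limit is multiplied unless only one child runs or the state is shared. Entries for idle IPs are never evicted here, so a long-running helper needs periodic pruning of `hits`.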