httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Niklas Edmundsson <>
Subject Re: mod_limitipconn merge - try2
Date Sat, 23 Aug 2008 10:58:40 GMT
On Fri, 22 Aug 2008, William A. Rowe, Jr. wrote:

>>>> this is a form of authorization, it appears to fit in aaa.  Perhaps even
>>>> with a name in that scheme, such as mod_authz_hostlimit or something like

>>>> that.
>>> I'd say that's stretching a point.  But since I don't think I can
>>> suggest an existing category into which it fits: the nearest functions
>>> to it are in core!
>>> Something like modules/traffic/ would kind-of describe it, but as of
>>> now it would seem lonely there.  I wonder if there's a case for
>>> modules/misc/ ?
>> modules/limiters/ or something? That would cover a lot of things like 
>> concurrent requests-per-ip/mimetype, ratelimiting and so on but still isn't 
>> auth/access control...
> This *is* access control, you are denying access, based on something other
> than user and password.  mod_authn_hostname anyone?  This fits neatly into
> the same general category.

Yes, but it's not definitive access, more like the "amount" of 
access... I think most end users see access control as "can I access 
this content or not", and even though a rate limiter is denying access 
in the sense that it's reducing bandwidth the user can still access 
the data.

Sure, you can argue either way, but I think that end users 
will be more confused by most modules being called 
mod_authwhatever_whatever (in fact, they're already confused).

  Niklas Edmundsson, Admin @ {acc,hpc2n}      |
  * * * <-  Tribbles

View raw message