Return-Path: 
 <dev-return-77413-apmail-httpd-dev-archive=httpd.apache.org@httpd.apache.org>
X-Original-To: apmail-httpd-dev-archive@www.apache.org
Delivered-To: apmail-httpd-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 465CDFC30
	for <apmail-httpd-dev-archive@www.apache.org>;
 Tue, 30 Apr 2013 13:41:08 +0000 (UTC)
Received: (qmail 39245 invoked by uid 500); 30 Apr 2013 13:41:07 -0000
Delivered-To: apmail-httpd-dev-archive@httpd.apache.org
Received: (qmail 39169 invoked by uid 500); 30 Apr 2013 13:41:07 -0000
Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help: <mailto:dev-help@httpd.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@httpd.apache.org>
List-Post: <mailto:dev@httpd.apache.org>
List-Id: <dev.httpd.apache.org>
Delivered-To: mailing list dev@httpd.apache.org
Received: (qmail 39154 invoked by uid 99); 30 Apr 2013 13:41:06 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 30 Apr 2013 13:41:06 +0000
X-ASF-Spam-Status: No, hits=1.5 required=5.0
	tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of yehuda@ymkatz.net designates
 209.85.223.181 as permitted sender)
Received: from [209.85.223.181] (HELO mail-ie0-f181.google.com)
 (209.85.223.181)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 30 Apr 2013 13:41:01 +0000
Received: by mail-ie0-f181.google.com with SMTP id tp5so592199ieb.12
        for <dev@httpd.apache.org>; Tue, 30 Apr 2013 06:40:40 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20120113;
        h=x-received:dkim-signature:mime-version:x-received:in-reply-to
         :references:date:message-id:subject:from:to:content-type
         :x-gm-message-state;
        bh=QpYX8ooW0dwd4860s/55c7RisgqkN9WbTzdgTkpJG8w=;
        b=XSEnLkpA6cIKKsFeWwkTmrvnVimNBbROwj9W5UKV9XeGkAYDTpryvtTiXmGT9IPZs3
         rWpwTQnFlbWLAVnzFjh8XG/Q6YiNdfJvEv9BbZXuN1qLNr4DXHJIIEDWQtNSjEsafN8M
         INFIoC6tcr6dnwAYp+zUL/LLY7fuhiZj5jCYYyocVQjnI0Ysg0W2++nxEWVdDufv25FT
         5lzIpCcPLqcm4f+8q9YP8SbNO3I9Xpmmy7uVsO/607F/2HlQEGq5HweIcBEGKaV+C9o3
         dYktWqVGrHY7HEQ6XGybk2mw/Bfa70JXnhI5olasf6qtUPYgiRpQZ7x64K0BYhQl3zUp
         cr7A==
X-Received: by 10.50.20.38 with SMTP id k6mr3964776ige.50.1367329240251;
        Tue, 30 Apr 2013 06:40:40 -0700 (PDT)
Received: from mail-ia0-x232.google.com (mail-ia0-x232.google.com
 [2607:f8b0:4001:c02::232])
        by mx.google.com with ESMTPSA id
 xc3sm7175840igb.10.2013.04.30.06.40.38
        for <dev@httpd.apache.org>
        (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
        Tue, 30 Apr 2013 06:40:39 -0700 (PDT)
Received: by mail-ia0-f178.google.com with SMTP id j38so441441iad.23
        for <dev@httpd.apache.org>; Tue, 30 Apr 2013 06:40:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=ymkatz.net; s=g;
        h=mime-version:x-received:in-reply-to:references:date:message-id
         :subject:from:to:content-type;
        bh=QpYX8ooW0dwd4860s/55c7RisgqkN9WbTzdgTkpJG8w=;
        b=P4fjUNjR0k8SF/9fQnKACk5GWIM9P8BYYtkylj8Q+kR7WPR8b5C10OfnCvduXgvA5j
         B3AKWMeMwujFAZvcuNFKXmnGekut/xJhiBhdDPq4kqkrYqHvLPeC8hPPKzuOOkBlJitV
         2c4Hbwzz2V5wyAAj/1FG0TTDvR33SgST+HuvQ=
MIME-Version: 1.0
X-Received: by 10.50.119.39 with SMTP id kr7mr3941830igb.19.1367329238563;
 Tue, 30 Apr 2013 06:40:38 -0700 (PDT)
Received: by 10.42.73.137 with HTTP; Tue, 30 Apr 2013 06:40:38 -0700 (PDT)
In-Reply-To: <20130430114945.GA23155@elias>
References: <517F96F0.3090004@ice-sa.com>
	<20130430114945.GA23155@elias>
Date: Tue, 30 Apr 2013 09:40:38 -0400
Message-ID: 
 <CAGBAQ451NPRmP8EgQrAWdw7wiOy46gWF4YdN6cH+6W1i2k3DWw@mail.gmail.com>
Subject: Re: URL scanning by bots
From: Yehuda Katz <yehuda@ymkatz.net>
To: "dev@httpd.apache.org" <dev@httpd.apache.org>
Content-Type: multipart/alternative; boundary=089e013c64668e4d5704db9425eb
X-Gm-Message-State: 
 ALoCoQkLS8gucU6IVIKOMYOyPTYzhaMeHhPVESujxs2ksoSEKWu2mTXs9X0IH1737ZnBg1qzDCXd
X-Virus-Checked: Checked by ClamAV on apache.org

--089e013c64668e4d5704db9425eb
Content-Type: text/plain; charset=ISO-8859-1

On Tuesday, April 30, 2013, Christian Folini wrote:

> But you can try it out for yourself easily with
> 2-3 ModSecurity rules and the "pause" directive.
>
Someone suggested the same idea to me and I tried it out on one of my
servers by setting PHP as the 404 handler and having it loop there. (which
saves you the trouble of setting up mod_security if you already have PHP).
I noticed increased server load and no decrease in bot requests.
- Y

--089e013c64668e4d5704db9425eb
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

On Tuesday, April 30, 2013, Christian Folini  wrote:<br><blockquote class=
=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padd=
ing-left:1ex">But you can try it out for yourself easily with<br>
2-3 ModSecurity rules and the &quot;pause&quot; directive.<br>
</blockquote><div>Someone suggested the same idea to me and I tried it out =
on one of my servers by setting PHP as the 404 handler and having it loop t=
here. (which saves you the trouble of setting up mod_security if you alread=
y have PHP). I noticed increased server load and no decrease in bot request=
s.<span></span></div>
<div>- Y</div>

--089e013c64668e4d5704db9425eb--