httpd-dev mailing list archives

From Noel Butler <noel.but...@ausics.net>
Subject Re: URL scanning by bots
Date Thu, 02 May 2013 23:37:17 GMT
On Wed, 2013-05-01 at 14:40 +0200, Graham Leggett wrote:

> On 01 May 2013, at 1:51 PM, André Warnier <aw@ice-sa.com> wrote:
> 
> > But *based on the actual data and patterns which I can observe on my servers (not guesses), I think it might have an effect*.
> 
> Of course it might have an effect - the real important question is will it have a *useful* effect.
> 


Not that I can see, unless you're still running a 286 on 2400baud modem



> A bot that gives up scanning a box that by definition isn't vulnerable to that bot (thus the 404)
> doesn't achieve anything useful, the bot failed to infect the host before, it fails to infect the
> host now, nothing has stopped the bot moving to the next host and trying its luck there.



Exactly, I think too many people are overly paranoid, stop one bot now,
and in 15 seconds another one, and then another one and anoth......


> Will attempts by sites across the net to slow down my bots convince me to stop? For $3.5m worth of
> computing power that I am getting for free, I think not.


I'm rather sure NOT, and those who hijack care even less, bots have been
a fact of server life since basically the dawn of the net, and they'll
still be here in another hundred years.

Unless I've missed something since I've been away for a bit, I think the
OP here should be more concerned about the code he runs or allows to be
run, than bothering with something as petty as rate limiting which will
ultimately affect genuine users and peeve them off pretty quick.

I can not see this feature useful, given its adverse effect potential,
it would need be off by default, and I could not see many server admins
bothering to enable it - but for fun, I just asked the question on IRC
(sysadminy type chan), currently 41 users in channel from various
countries  AU-NZ-DE-UK-FR-US-IN-ID-SA and a few unresolved, so it gives
a reasonable world-view,  I got 32 responses saying they wouldn't use
it, I got zero responses saying they would use it - so for me, too much
work for too little worth.

Cheers
Noel

