httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Folini <christian.fol...@post.ch>
Subject Re: [users@httpd] Protection against impolite bots
Date Mon, 05 Nov 2007 08:12:30 GMT
On Mon, Nov 05, 2007 at 02:30:02AM -0500, Nilesh Bansal wrote:
> Hi,
> 
> Thanks Nick. mod_loadavg is not very useful since we have a tomcat
> behind the apache proxy doing real heavyweight work. Also mod_evasive
> is a bit restrictive since it wants multiple requests to the exact
> same URI or exact same apache child.

You might want to have a look at mod_qos.

-> from the doc:
* QS_SrvMaxConnPerIP <number>
  Defines the maximum number of connections per source IP address.

Regs,

Christian

> 
> > 20 requests per second from one IP isn't necessarily abuse.  Even if
> > you don't have pages containing lots of images (thus asking clients
> Looking at the log file, you can easily see that it is a malicious
> user. For example, client always asks the same url but with an extra
> "j" appended in the search query for every new request. Sometimes the
> request URL is very long. And 20 searches per second in our
> application generates quite a lot of load.
> 
> > Having said that, there are a number of third-party modules to do
> > what you're asking.  mod_evasive, for example, is designed for
> > precisely that purpose.  See modules.apache.org for others.
> 
> > There are other approaches you could consider if the real issue
> > is a heavyweight application, so that 20/sec is hurting the server.
> > For example, mod_load_average can be used to refuse to run the
> > heavyweight app and return a "server busy" page instead when the
> > load is too high.  That way, static stuff will be unaffected by
> > the heavy traffic.
> >
> > --
> > Nick Kew
> >
> > Application Development with Apache - the Apache Modules Book
> > http://www.apachetutor.org/
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
> 
> 
> -- 
> Nilesh Bansal.
> http://queens.db.toronto.edu/~nilesh/
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message