httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yehuda Katz <>
Subject Re: [users@httpd] how to block the duplicated requests?
Date Tue, 19 May 2015 14:01:45 GMT
There are a few modules that you might be able to modify to meet your needs
- although these things are generally designed for DDoS protection.

   - mod_security -
   - mod_evasive -
   - mod_cband -
   - mod_limitipconn -

Though those modules exist, this might be best implemented in your

Another way to do it would be with a log parsing tool like Fail2Ban.

- Y

On Tue, May 19, 2015 at 4:29 AM, javalishixml <> wrote:

> Hi,
> I have a website. It is built by apache + tomcat.
> Now we make a lottery activity at this website. But we find that some robots always raise
the duplicated requests to hit this lottery activity. It causes that robots almost get all
the awards.
> So we just want to block these kind of duplicated requests at every interval unit.
> For example, we set the interval unit is 3 seconds. The if the robot want to hit the
lottery activity in 3 seconds, the website could block this action.
> So how to do it? I suppose if we do it at tomcat level, is it a very low performance?
Can I do it at apache level? how to do it?
> If I could not do it apache level?
> Thanks in advance,
> Java Coder

View raw message