[ale] apache problem
John Heim
john at johnheim.net
Wed Jan 12 12:50:43 EST 2011
All,
I have a problem with an apache web server. The problem is that one of my
users has some large PDF documents available for
download. Every few weeks, our server gets bogged down when someone tries to
download these documents many thousands of times. They download each
document only once or twice a second but over and over and over. Eventually,
our server gets bogged down. The documents are mostly in the 1.5Mb to 2Mb
range.
I deal with it by blacklisting the IP address of the offending client. Its
always a single IP address. So it can't be a denial of service attack. If it
is, its the lamest DOS attack ever.
Anybody have any idea why this is happening? I have looked for some kind of
loop in the html pages where an automatted client might think it these are
all different documents. I even tried downloading it myself with wget. No
problems.
Any suggestions for preventing this? I thought about forcing people to
register or putting up a CAPTCHA. But I'd rather not do those things. I'd
rather just prevent a single IP from downloading each document more than
once a day or something like that.
More information about the Ale
mailing list