[ale] apache problem
John
jdp at algoloma.com
Wed Jan 12 12:58:18 EST 2011
Why not just limit the concurrent connections from each IP over some
period of time?
http://www.debian-administration.org/articles/187
On 01/12/2011 12:50 PM, John Heim wrote:
> All,
>
> I have a problem with an apache web server. The problem is that one of my
> users has some large PDF documents available for
> download. Every few weeks, our server gets bogged down when someone tries to
> download these documents many thousands of times. They download each
> document only once or twice a second but over and over and over. Eventually,
> our server gets bogged down. The documents are mostly in the 1.5Mb to 2Mb
> range.
>
> I deal with it by blacklisting the IP address of the offending client. Its
> always a single IP address. So it can't be a denial of service attack. If it
> is, its the lamest DOS attack ever.
>
> Anybody have any idea why this is happening? I have looked for some kind of
> loop in the html pages where an automatted client might think it these are
> all different documents. I even tried downloading it myself with wget. No
> problems.
>
> Any suggestions for preventing this? I thought about forcing people to
> register or putting up a CAPTCHA. But I'd rather not do those things. I'd
> rather just prevent a single IP from downloading each document more than
> once a day or something like that.
>
More information about the Ale
mailing list