Re: How to check fake requests
From: Fakhar (fakharmtc_at_hotmail.com)
Date: 11/04/03
- Next message: R. Rajesh Jeba Anbiah: "Re: Session_register problem"
- Previous message: Taliesson Wang: "Re: No luck making a databast connection"
- In reply to: Eric Ellsworth: "Re: How to check fake requests"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: 3 Nov 2003 21:04:12 -0800
"Eric Ellsworth" <ez@.com.com.com.com> wrote in message news:<J4KdnZZZSMhRFDuiRTvUqA@speakeasy.net>...
> Here's a question:
> What negative effects do you expect from people hitting your website with
> fake requests?
>
> Note that by the time your fake-request-rejection script has run, your web
> server has already fielded the request and initialized PHP. Not matter what
> output you do or don't send, the server will issue response headers once the
> script finishes. So unless their requests automatically invoke some very
> CPU-intensive process, just running the rejection script is already taking
> about as much load as anything else. A more effective method is:
> mod_throttle. See this article:
> http://www.linux-mag.com/2003-02/lamp_01.html
> for more.
Thanks for response. Well I already have some concepts of throttling but
what I want to know is how to implement the task, I mentioned.
I don't have very good concepts of Web Programming. I want to know where and
what should I code in my website that will perform IP detection and checking
of number of hits as any user visit my website?
Regards
Fakhar
>
> The other poster's point about requests from proxies is also well noted. I
> would be careful blocking traffic unless you know it's malicious, or unless
> it has some specific negative effect.
>
> Cheers,
>
> Eric
- Next message: R. Rajesh Jeba Anbiah: "Re: Session_register problem"
- Previous message: Taliesson Wang: "Re: No luck making a databast connection"
- In reply to: Eric Ellsworth: "Re: How to check fake requests"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
