[EMAIL PROTECTED] (Randal L. Schwartz) wrote:
> I'm told that my CPU throttler
> was used at etoys.com for a similar purpose, and permitted them to
> keep from losing millions of dollars of revenue due to people
> spidering their catalog.

That's correct, although it was actually a bunch of DoS attacks that we were
using it against.  We modified it to just count hits, and skip the CPU
stuff.  It worked well across a cluster, using NFS to share the files with
the hit data in them.

Since it's an access handler, it was easy to just turn it on for specific
URLs where repeated access hurts.  This avoids any issues with parallel
fetches for images.  We also used cookies (verified similarly to the ticket
scheme in the Eagle Book) as the primary identifier and only fell back to IP
if there was no valid cookie.  This can help with the proxy (i.e. many users
with one IP) problem, but you still have to make exceptions for things like
AOL proxies that can blast you with legitimate traffic.  If thousands of AOL
users all click on an ad banner in the same 10 seconds, you don't want to
ban them.

- Perrin
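
The identifier selection described in the message above (verified cookie first, IP only as a fallback, an exemption for known shared proxies), as an added example that is not code from the original thread or from the throttler it discusses. It is a language-neutral sketch in Python rather than a mod_perl access handler; the HMAC cookie format, the limits, the in-memory store (the message describes files shared over NFS) and the exempt range are all assumptions.

```python
import hashlib
import hmac
import ipaddress
from collections import defaultdict, deque

SECRET = b"constructed-demo-secret"   # assumption: server-side signing key
WINDOW_SECONDS = 10                   # assumption: length of the counting window
MAX_HITS = 5                          # assumption: hits allowed per window
# Constructed documentation range standing in for a known shared proxy.
EXEMPT_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]

def _mac(user_id):
    return hmac.new(SECRET, user_id.encode(), hashlib.sha256).hexdigest()

def sign_cookie(user_id):
    """Issue a cookie value the server can later verify (assumed format id:mac)."""
    return f"{user_id}:{_mac(user_id)}"

def verified_user(cookie):
    """Return the user id if the cookie's MAC checks out, else None."""
    if not cookie or ":" not in cookie:
        return None
    user_id, mac = cookie.rsplit(":", 1)
    ok = hmac.compare_digest(mac.encode(), _mac(user_id).encode())
    return user_id if ok else None

class HitLimiter:
    """Counts hits per identity in a sliding window; no CPU accounting."""
    def __init__(self):
        self.hits = defaultdict(deque)

    def allow(self, ip, cookie, now):
        user = verified_user(cookie)
        if user is not None:
            key = f"cookie:{user}"        # one bucket per user, even behind a proxy
        elif any(ipaddress.ip_address(ip) in n for n in EXEMPT_NETWORKS):
            return True                   # known proxy: never ban on IP alone
        else:
            key = f"ip:{ip}"              # missing or forged cookie: fall back to IP
        window = self.hits[key]
        while window and now - window[0] >= WINDOW_SECONDS:
            window.popleft()              # drop hits older than the window
        if len(window) >= MAX_HITS:
            return False
        window.append(now)
        return True
```

Because a cookie that fails verification is treated the same as no cookie, a client cannot get a fresh counter by sending made-up cookie values.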
