Perrin Harkins wrote: > > It's configurable so after > > exceeding a threshold the client gets content from the shared memory > > cache, and if a second threshold is exceeded (ok this guy is getting > > REALLY irritating) then they get the 'come back later' message. They will > > only get cached content if they exceed x number of requests within y > > number of seconds. > > Nice idea. I usually prefer to just send an ACCESS DENIED if someone is > behaving badly, but a cached page might be better for some situations. > > How do you determine individual users? IP can be a problem with large > proxies. At eToys we used the session cookie if available (we could verify > that it was not faked by using a message digest) and wold fall back to the > IP if there was no cookie. >
I'm also using cookies with a digest. There's also the option of using the IP instead which I added in as an afterthought since my site requires cookie support. But I have nighmares of large corporate proxies seeing the same page over and over. I wonder if this would be easier to implement as a drop-in with mod_perl2 since filters are supposed to be replacing handlers? And while I'm at it, is there a mod_perl 2 users (or testers) mailing list yet?