On 4/11/07, Martijn <[EMAIL PROTECTED]> wrote:
It sounds all nice and interesting, but the article is from 2000 and when I search for the module name, Google has hardly any other results. Which could mean that either it works so perfectly well that no one even bothered to write a documentation, or that it is outdated, replaced by something better and shouldn't be used anymore.
At eToys.com we used a modified version of this code to deal with denial of service attacks. We made it block based on our (authenticated) session cookies if they were present, and fall back to IP address. Our criteria for blocking was "more than n hits in a m second timespan" and that seemed to work. Since that time, a number of C modules have come along with similar capabilities: mod_evasive, mod_security, mod_throttle, mod_bandwidth, etc. If you have a need to protect resources not served by mod_perl, these are a better bet, since they can be run in your proxy server. At my current company, Sam Tregar wrote CGI::Application::Plugin::RateLimit for simple "keep people from spamming our suggestions form" uses. It allows you to catch the problem and provide a friendly error message, which is important in this sort of gray area where the user may not have been malicious. - Perrin