so what you are saying is to use mod_throttle to limit the amount of
bandwidth that is available to each user?
this is on a dedicated server, and from what i can tell, mod_throttle
can limit bandwidth based on the virtual host or the user, whichever
you prefer.
Only allow X requests per second
On Thu, Feb 28, 2008 at 12:15 PM, Matt Juszczak <[EMAIL PROTECTED]> wrote:
> I urge you to consider mod_throttle for apache.
so what you are saying is to use mod_throttle to limit the amount of
bandwidth that is available to each user?
this is on a dedicated server, and from what i can tell, mo
Michael:
I urge you to consider mod_throttle for apache.
-Matt
___
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York P
On 2/28/08, Randal Rust <[EMAIL PROTECTED]> wrote:
> we are getting hundreds of hits per minute from what appear to be fake
> IP addresses. i am currently writing a script that will send these
> requests to an error page prior to making the database connection.
>
> i am doing an explode() on the
On Thu, Feb 28, 2008 at 11:10 AM, Michael Sims <[EMAIL PROTECTED]> wrote:
> You know, all modern browsers - for the last ten years - use http/1.1 rather
> than 1.0. So you can probably just discard all http/1.0 requests as being
> clearly the work of machines rather than humans.
ok. but how w
: Thu, 28 Feb 2008 11:08:02
To:"NYPHP Talk"
Subject: Re: [nyphp-talk] Urgent: Help in Defending Attack
On Thu, Feb 28, 2008 at 11:00 AM, Dan Cech <[EMAIL PROTECTED]> wrote:
> To me this doesn't really sound like an attack. Unless you're getting
> thousands of hits f
On Thu, Feb 28, 2008 at 11:08 AM, Guilherme Blanco
<[EMAIL PROTECTED]> wrote:
> You're received an spider attack.
ok, makes sense.
> The first thing to do is to disable the access to this page.
we have been doing that on and off.
> Create a robots.txt in your main website and disallow it.
y
On February 28, 2008, Randal Rust wrote:
> On Thu, Feb 28, 2008 at 10:33 AM, Cliff Hirsch <[EMAIL PROTECTED]>
wrote:
> > What kind of hit? Does the url have "attack" strings? Check out phpids
> > -- might help.
>
> here is what i know:
>
> 1. got up this AM and was getting error messages that the
Mod throttle in apache for the win. I haven't read this thread yet but I will
when I get to work.
Matt
-Original Message-
From: "Randal Rust" <[EMAIL PROTECTED]>
Date: Thu, 28 Feb 2008 11:08:02
To:"NYPHP Talk"
Subject: Re: [nyphp-talk] Urgent: Help in
Also, you can check for the USER_AGENT the attacker is using. if it's
not any known, redirect to 404.
But this is perfectly overwritable via curl... so don't trust too much this one.
Regards,
On Thu, Feb 28, 2008 at 1:08 PM, Guilherme Blanco
<[EMAIL PROTECTED]> wrote:
> You're received an spide
You're received an spider attack.
The first thing to do is to disable the access to this page. Create a
robots.txt in your main website and disallow it.
You can take an example by accessing www.google.com/robots.txt
The second stage is to prevent bad spiders from read the robots as its
destinatio
On Thu, Feb 28, 2008 at 11:00 AM, Dan Cech <[EMAIL PROTECTED]> wrote:
> To me this doesn't really sound like an attack. Unless you're getting
> thousands of hits from the same IP
they are different IPs, and when i do a lookup on many of them, i get
*invalid IP range* on them.
> it's more like
Randal Rust wrote:
it is targeted entirely to the one page on the site. if i take it
down, everything works fine.
problem is, that's *the* most important page on the site.
To me this doesn't really sound like an attack. Unless you're getting
thousands of hits from the same IP it's more likel
On Thu, Feb 28, 2008 at 8:18 AM, Guilherme Blanco
<[EMAIL PROTECTED]> wrote:
> Randal... try this one...
> function getClientIp()
event if i can run this function, how am i going to get the IP?
i can't dump it into the DB, and the mailserver is down as well.
--
Randal Rust
R.Squared Communic
On Thu, Feb 28, 2008 at 10:41 AM, Randal Rust <[EMAIL PROTECTED]> wrote:
> > What kind of hit? Does the url have "attack" strings? Check out phpids --
> > might help.
it is targeted entirely to the one page on the site. if i take it
down, everything works fine.
problem is, that's *the* most
On Thu, Feb 28, 2008 at 10:33 AM, Cliff Hirsch <[EMAIL PROTECTED]> wrote:
> What kind of hit? Does the url have "attack" strings? Check out phpids --
> might help.
here is what i know:
1. got up this AM and was getting error messages that there are too
many connections to the database
2. the h
On 2/28/08 7:44 AM, "Randal Rust" <[EMAIL PROTECTED]> wrote:
> we are getting hundreds of hits per minute from what appear to be fake
> IP addresses. i am currently writing a script that will send these
> requests to an error page prior to making the database connection.
>
> i am doing an explode
Randal... try this one...
function getClientIp()
{
// This function get the IP of an user, even when he's behind a simple
proxy
// List of possible ip sources, in order of priority
$ip_sources = array(
"HTTP_X_FORWARDED_FOR",
"HTTP_X_FORWARDED",
"HT
> just try with $_SERVER['REMOTE_ADDR'] it gives ip of client machine
yeah, that's what i meant. however, i was trying to get around using
the full IP.
--
Randal Rust
R.Squared Communications
www.r2communications.com
___
New York PHP Community Talk Mai
just try with $_SERVER['REMOTE_ADDR'] it gives ip of client machine
- Original Message
From: Randal Rust <[EMAIL PROTECTED]>
To: NYPHP Talk
Sent: Thursday, February 28, 2008 4:44:57 AM
Subject: [nyphp-talk] Urgent: Help in Defending Attack
we are getting hundreds of
we are getting hundreds of hits per minute from what appear to be fake
IP addresses. i am currently writing a script that will send these
requests to an error page prior to making the database connection.
i am doing an explode() on the $_SERVER['REMOTE_HOST] to get the
first part of the IP. Does
21 matches
Mail list logo
