-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 1/13/2015 3:29 PM, Jesse Barnum wrote: > I need the ability to examine the POST data from a request, examine > it, and either respond to it or close the connection without > returning any result, not even a 200 OK status. > > The reason for this is because I’m getting overwhelmed with > thousands of invalid requests per second, which are racking up > bandwidth fees. The requests can’t be traced to an IP address, so I > can’t just block them in a firewall or Apache - I need to actually > use logic in my Tomcat app to figure out which requests to respond > to. > > Is there a way to force Tomcat to just drop the connection and > close the socket without sending a response? > > --Jesse Barnum, President, 360Works >
Possibly with mod_security? https://www.modsecurity.org/ You can add this to Apache HTTPD if you're fronting Tomcat with it, or you can check out the Java implementation here: http://blog.spiderlabs.com/2013/09/modsecurity-for-java-beta-testers-needed.html I have used mod_security, and while it's somewhat a beast, it does a great job at protecting web applications. I have not used the Java version. . . . just my two cents /mde/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJUta46AAoJEEFGbsYNeTwtDI4H/iImbmftf+KIxBsPo1Gx0+ZD mFPdlgDegHDQRRlDxGFShoyAQcKX9O/xIfy04P6SrOLdxQJ5sBVv5uEN7qYp24Ar WLz0Iwy/zGWpA0Y7Gq1AXRK64oGvrmJJ8KMLwXu9eBUCQiK8eIJvNZdKRJi/7Ki/ FLxchfA8E9DGA3B59uebuSYgmVobj1hCK5/+z2DMNNSZh0nTWb29dbzW/BCC8/e5 y123ZapWPS1ze2bjkgC6FZmZD9eH2JN1QTC0966R4G9K3LmKpCS3SyxZisxfRPUh AZVhvJ9tV5jzaMytveOj2MSltUlqJA/PitQIbFP3plP3hyB3lSFwacyZiePOeQ8= =bQTB -----END PGP SIGNATURE----- --- This email is free from viruses and malware because avast! Antivirus protection is active. http://www.avast.com --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
