> On Jan 16, 2015, at 4:37 AM, André Warnier <a...@ice-sa.com> wrote:
> 
> If you do have an Apache httpd front-end anyway, it still seems a bit of a 
> shame to have to use any Tomcat bandwidth and resources in order to catch 
> this kind of thing, and not be able to do it at the Apache httpd level, 
> before you even decide to proxy the request to Tomcat.  Apache httpd also has 
> a lot of add-ons to catch and deny things like obstreperous clients etc.
> Are you sure that there is nothing which you could "export" from Tomcat to 
> Apache httpd, to allow httpd to catch these unwanted requests earlier? (not 
> necessarily all of them; but whatever you catch there, saves resources in 
> Tomcat).
> 
> Some info, if it can be useful: unlike a servlet or filter in Tomcat, 
> Apache-based code does not necessarily "consume" the whole request in order 
> to examine for example some POST parameters.  So it can do that, and still 
> proxy (or not) the whole request to Tomcat if appropriate.
> It is probably a fair bet, that many of these unwanted requests follow some 
> kind of general pattern that could be relatively easily filtered out early, 
> isn't it?

This is for a license check phone-home server. Old versions of our products had 
bugs that could cause them to endlessly make phone-home requests as fast as 
possible. We need to examine the POST data, check the product code parameter to 
see which product it is, as well as a version parameter to see which version of 
the product it is. We then consult a lookup table (hard-coded into Java) to see 
whether to reject the request or respond to it.

I would assume that is beyond the scope of configurable filters in Apache, 
maybe I’m wrong?

--Jesse Barnum, President, 360Works
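
The check described in the message above, sketched as an added example (not code from the original post or from 360Works): parse the POST body, read the product code and version, and consult a hard-coded table to decide whether to reject. The parameter names `product` and `version`, the product codes, the version numbers, and the choice to reject unknown products and malformed input are all assumptions; it needs Java 10 or later.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;

public class PhoneHomeGate {
    // Hypothetical table: product code -> first version without the runaway phone-home bug.
    static final Map<String, String> FIRST_FIXED = Map.of("PROD_A", "2.1.0", "PROD_B", "1.10");

    // Parse an application/x-www-form-urlencoded body; the first value of a repeated key wins.
    static Map<String, String> parseForm(String body) {
        Map<String, String> params = new HashMap<>();
        for (String pair : body.split("&")) {
            int eq = pair.indexOf('=');
            if (eq <= 0) continue; // skip empty or key-less fragments
            String key = URLDecoder.decode(pair.substring(0, eq), StandardCharsets.UTF_8);
            String val = URLDecoder.decode(pair.substring(eq + 1), StandardCharsets.UTF_8);
            params.putIfAbsent(key, val);
        }
        return params;
    }

    // Numeric comparison of dotted versions, so "1.10" sorts after "1.9".
    static int compareVersions(String a, String b) {
        String[] x = a.split("\\."), y = b.split("\\.");
        for (int i = 0; i < Math.max(x.length, y.length); i++) {
            int xi = i < x.length ? Integer.parseInt(x[i]) : 0;
            int yi = i < y.length ? Integer.parseInt(y[i]) : 0;
            if (xi != yi) return Integer.compare(xi, yi);
        }
        return 0;
    }

    // True when the request should be rejected before any licence work is done.
    static boolean shouldReject(String body) {
        Map<String, String> p;
        try { p = parseForm(body); } catch (IllegalArgumentException e) { return true; } // bad %-escape
        String product = p.get("product"), version = p.get("version"); // assumed parameter names
        if (product == null || version == null || !version.matches("\\d{1,5}(\\.\\d{1,5}){0,3}")) return true;
        return !FIRST_FIXED.containsKey(product) || compareVersions(version, FIRST_FIXED.get(product)) < 0;
    }

    public static void main(String[] args) {
        for (String body : new String[] { // constructed sample bodies, not captured traffic
                "product=PROD_A&version=2.0.9", "product=PROD_B&version=1.10", "product=PROD_B&version=1.9",
                "product=PROD_A&version=abc", "version=2.1.0", "product=PROD_A&version=%zz"}) {
            System.out.println(body + " -> " + (shouldReject(body) ? "reject" : "respond"));
        }
    }
}
```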
