Welcome to WebmasterWorld Guest from 54.145.136.73

Forum Moderators: Ocean10000 & incrediBILL & phranque

Throttling bad bots automatically?

mod_throttle gone, alternative?

   
7:54 pm on Oct 13, 2010 (gmt 0)

10+ Year Member



I would like my Apache server to fail gracefully with an HTTP 503 when some bot comes along and hammers the site relentlessly.

It doesn't seem to be doing this -- one one of my single-server sites we had an event today, and the bot was able to successfully crowd out most other requests.

Ideally, a given IP could be limited to a certain number of requests or sustained hit rate, or something like that. I think this is what the old mod_throttle was supposed to do, but it doesn't exist any more.

Any good ideas out there so I don't have to reinvent a wheel?

The site uses Drupal (PHP) which is a total memory pig ... a typical high value is 37MB per child process (Yikes!).

My server settings are currently:

<IfModule mpm_prefork_module>
StartServers 2
MinSpareServers 2
MaxSpareServers 2
# Set MaxClients down from 28 after out of memory event, typical client uses 37MB, usually at least 700MB free for Apache.
MaxClients 14
MaxRequestsPerChild 500
</IfModule>


Even after the server had hit what appeared to be MaxClients (based on my monitoring stats) it was not logging anything like a 503 error.

Instead, it's looking like requests are getting queued somewhere. There's no proxy (e.g. squid).

Any good ideas on how I can address this without manual blocking (which is what we did to get rid of this one).

(Server: Apache 2.2 with PHP 5.2, MySQL, Ubuntu recent with Drupal 6.x custom code.)

Thanks,

Tom
6:29 pm on Oct 14, 2010 (gmt 0)

5+ Year Member



There is mod_qos and mod_evasive:

[mod-qos.sourceforge.net...]

[zdziarski.com...]
 

Featured Threads

My Threads

Hot Threads This Week

Hot Threads This Month