I would like my Apache server to fail gracefully with an HTTP 503 when some bot comes along and hammers the site relentlessly.
It doesn't seem to be doing this -- one one of my single-server sites we had an event today, and the bot was able to successfully crowd out most other requests.
Ideally, a given IP could be limited to a certain number of requests or sustained hit rate, or something like that. I think this is what the old mod_throttle was supposed to do, but it doesn't exist any more.
Any good ideas out there so I don't have to reinvent a wheel?
The site uses Drupal (PHP) which is a total memory pig ... a typical high value is 37MB per child process (Yikes!).
My server settings are currently:
# Set MaxClients down from 28 after out of memory event, typical client uses 37MB, usually at least 700MB free for Apache.
Even after the server had hit what appeared to be MaxClients (based on my monitoring stats) it was not logging anything like a 503 error.
Instead, it's looking like requests are getting queued somewhere. There's no proxy (e.g. squid).
Any good ideas on how I can address this without manual blocking (which is what we did to get rid of this one).
(Server: Apache 2.2 with PHP 5.2, MySQL, Ubuntu recent with Drupal 6.x custom code.)