
Re: Traffic control



On Thursday 12 December 2002 16:08, Marco Antonio wrote:

> Now we are facing a problem: some people are making 'automated searches' on
> our www server -an ugly IIS5 :), and we intend to block this kind of
> search. I was thinking about blocking it on the firewall, this way:
> regularly I would collect some stats about the traffic, and if some client
> IP reaches a 'limit', I would re-run the firewall script and block that IP.

I would strongly advise against doing that. It is too likely to block a regular 
(though fast-reading) visitor. In other words: what limit do you have in mind?
If it is based on the number of connections within a given time, how do you make 
sure you don't block a regular visitor? You get quite a number of connections 
from them as well.
If it is based on the number of bytes transferred, how do you make sure not to 
block a normal visitor? He is very likely to transfer a lot of data 
(HTML pages, images).
The only way you could block a robot is by scanning the webserver logs (or the 
content of the request packets) and blocking an IP if it requests only 
HTML documents, and more than X documents within a certain time limit. But 
again, how do you make sure not to block a legitimate visitor? He could have 
turned off the loading of images.
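To make the log-scanning idea concrete, here is a minimal sketch. It assumes 
Apache-style Common Log Format lines (an IIS5 box writes W3C extended format, 
so the regex and timestamp parsing would need adjusting), and the limits 
(`max_docs`, `window_seconds`) are placeholders you would have to tune:

```python
import re
from datetime import datetime
from collections import defaultdict

# Matches a Common Log Format line: client IP, timestamp, request path.
# IIS5's W3C extended log format would need a different pattern.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(?:GET|HEAD|POST) (\S+)')

def robot_suspects(lines, max_docs=50, window_seconds=600):
    """Return IPs that requested more than max_docs HTML documents
    within a sliding window of window_seconds."""
    times = defaultdict(list)   # ip -> timestamps of HTML requests
    suspects = set()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, stamp, path = m.groups()
        # Count only HTML documents: a client that never fetches
        # images is exactly the robot pattern described above.
        if not (path.endswith(('.html', '.htm')) or path.endswith('/')):
            continue
        t = datetime.strptime(stamp, '%d/%b/%Y:%H:%M:%S %z')
        ts = times[ip]
        ts.append(t)
        # Discard requests that have fallen out of the window.
        while (t - ts[0]).total_seconds() > window_seconds:
            ts.pop(0)
        if len(ts) > max_docs:
            suspects.add(ip)
    return suspects
```

The output of `robot_suspects(open("access.log"))` could then feed the 
firewall script, but note that this still cannot distinguish a robot from a 
fast reader with image loading disabled.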

If you are certain which method to use, you can think about how to collect the 
data and how to react if your limits were exceeded.
If you just don't want any robot to saturate your uplink, you might want 
to use some sort of traffic shaper (if you were using Apache, I would 
recommend mod_bandwidth).
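For reference, shaping with mod_bandwidth is only a couple of directives. A 
minimal sketch, assuming the mod_bandwidth module for Apache 1.3 and its 
`BandWidthModule`/`BandWidth` directives (verify the exact names against the 
module's own documentation for your version):

```apache
# Enable the module and cap every client at roughly 10 KB/s.
BandWidthModule on
<Directory /var/www>
    BandWidth all 10240
</Directory>
```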

Regards,

Sven Müller
- IT - Network&Infrastructure -

-- 
* Heinrich Berndes Haushaltstechnik GmbH & Co KG
* Wiebelsheidestrasse 55, 59757 Arnsberg, Germany
* Phone: +49 2932 475-282 / FAX: -325
* http://www.berndes.com


