[oclug] Apache anti-abuse
David F. Skoll
dfs at roaringpenguin.com
Fri Aug 23 09:20:26 EDT 2002
On Fri, 23 Aug 2002 rod at giffinscientific.com wrote:
> Might a user surfing your web site at 4:30 in the morning
> accidentally trigger the script threshold?
Only if that user looks at 250 pages (well, 250 requests) on my site
quickly. Given that I have only 30-40 pages on the entire site,
that's pretty unlikely.
> How about sudden interest in your website from a potential client
> who uses proxy servers. Could that accidentaly trigger the script?
Not likely either, for the same reasons as above. I went through my
stats from November 2001, and the heuristics would have caught only the
two actual abusers.
I suppose if 30 people behind a NAT box all suddenly become interested
in the site, it could trigger. But I don't worry too much about that.
The only time that's likely to happen is if the site is slashdotted, and
there will be enough other traffic to keep any single NAT box below
the 25% threshold.
More information about the OCLUG