Hello,
We are running squid as accelerator and load balancer in front of a web
server farm.
The problem is that the main content of the farm is badly cacheable
(some type of search engine, so HITs are mainly on pictures etc. but on
content), so much of the traffic is hitting the web servers directly.
Some kiddies are running scripts against the farm, which results in
something like a denial of service attack due to heavy load on the
webservers.
To avoid this, we think about something like a "throttling redirector",
which should be configurable to limit the number of requests from a
specific IP, i.e. we would allow 20 requests in 20 seconds, the 21st and
following requests should be denied for - let's say - the next 60 seconds.
I know about acl maxconn, but this is not what we want (we don't want to
limit the number of connections, but the number of content requests per
time period).
Any ideas?
Regards,
Stefan Hartmann
-- 09-f9-11-02-9d-74-e3-5b-d8-41-56-c5-63-56-88-c0 ---
OnlineDienst Nordbayern   | http://www.odn.de/      | Internet-Systemhaus
GmbH & Co.KG              | E-Mail: hartm_at_odn.de | Hosting, Housing
Steinstr. 19              | Tel: 0911 / 933877-0    | Consulting, VoIP
90419 Nuernberg - Germany | Fax: 0911 / 933877-55   | Programmierung
GF Christiane Teichgräber | AG Nürnberg HRA 13304   |
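
A sketch of the "throttling redirector" asked about above, added here as an example and not part of the original message or of Squid itself. It assumes the classic redirector line format (`URL client_ip/fqdn ident method` on stdin, a replacement URL or an empty line on stdout); `BLOCK_URL` is a hypothetical placeholder page.

```python
import sys
import time
from collections import defaultdict, deque

MAX_REQUESTS = 20     # requests allowed per window (figure from the post)
WINDOW_SECONDS = 20   # length of the counting window (figure from the post)
BLOCK_SECONDS = 60    # denial period once the limit is exceeded (from the post)
BLOCK_URL = "http://127.0.0.1/throttled.html"  # hypothetical "slow down" page

class Throttle:
    """Per-client sliding-window counter with a fixed penalty period."""

    def __init__(self, max_requests=MAX_REQUESTS, window=WINDOW_SECONDS, block=BLOCK_SECONDS):
        self.max_requests, self.window, self.block = max_requests, window, block
        self.hits = defaultdict(deque)  # ip -> timestamps of recently allowed requests
        self.blocked_until = {}         # ip -> time at which the penalty ends

    def allow(self, ip, now=None):
        now = time.monotonic() if now is None else now
        if self.blocked_until.get(ip, 0) > now:
            return False                      # still inside the penalty period
        self.blocked_until.pop(ip, None)
        q = self.hits[ip]
        while q and now - q[0] >= self.window:
            q.popleft()                       # forget requests older than the window
        if len(q) >= self.max_requests:       # this would be request number 21
            self.blocked_until[ip] = now + self.block
            q.clear()
            return False
        q.append(now)
        return True

def handle_line(line, throttle, now=None):
    """Return the redirector reply for one request line ("" = URL unchanged)."""
    fields = line.split()
    if len(fields) < 2:
        return ""                             # malformed input: do not interfere
    ip = fields[1].split("/", 1)[0]           # second field is "client_ip/fqdn"
    return "" if throttle.allow(ip, now) else BLOCK_URL

def main():
    throttle = Throttle()
    for line in sys.stdin:
        sys.stdout.write(handle_line(line, throttle) + "\n")
        sys.stdout.flush()                    # Squid waits for each answer

if __name__ == "__main__":
    main()
```

The counters live in one process and grow with the number of distinct client IPs, so this sketch only enforces the limit when Squid runs a single redirector child or the state is moved to a shared store.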