Question

Has anyone had success preventing "F5 Bombing" where a person can hold down the F5/refresh key and temporarily overload your server?

I have tested this myself and about a minute later, the site seems to resume functionality.

I thought this might have to do with the apache configuration setting "Keep Alive" however I have been forced to disable it due to the blank page / "page cannot be displayed errors" that I encounter when "Keep Alive" is enabled.

Thank you in advance!

Environment

-- BrianMahoney - 28 Aug 2007

Answer

If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

This invokes many requests of the same TWiki page by the same IP address. We have frequent problems on twiki.org by ill behaving spiders that crawl twiki.org at a high rate.

The proper solution (not yet done on twiki.org) is to use throttling by IP address: Requests by the same IP address get delayed by 10 sec, then 20 sec, then 60 sec if requests are done too frequently.

Related links:

• http://gentoo-wiki.com/HOWTO_Apache_2_bandwidth_limiting
• http://www.cohprog.com/mod_bandwidth.html
• http://www.stonehenge.com/merlyn/LinuxMag/col17.html
• http://search.cpan.org/~drolsky/Apache-Quota-0.04/lib/Apache/Quota.pm
• http://www.howtoforge.com/mod_cband_apache2_bandwidth_quota_throttling

-- PeterThoeny - 28 Aug 2007

Thank you so much!

-- BrianMahoney - 28 Aug 2007

Your very welcome!

-- PeterThoeny - 29 Aug 2007