httpd-users mailing list archives

From "Boyle Owen" <Owen.Bo...@swx.com>
Subject RE: [users@httpd] how to prevent malicious scripting attack
Date Thu, 01 Apr 2004 16:10:00 GMT
Plain text please...

It's obviously a robot but not necessarily a malicious one. You might
try putting a robots.txt file on the server (see
http://www.robotstxt.org/wc/norobots.html for details). This is a
voluntary standard but well-behaved robots are supposed to obey it.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

-----Original Message-----
From: Liu, Jack [mailto:Jack.Liu@FALCONJET.COM]
Sent: Thursday, April 1, 2004 17:59
To: 'users@httpd.apache.org'
Subject: [users@httpd] how to prevent malicious scripting attack


Hi, 
  I checked the access.log, and found there are many requests coming
from one IP address. Normally, when a human gets one page, he will at
least spend 10 or 20 seconds to take a look at the page, then move on to
another page. However, in the log file, the request from this IP address
changes page within milliseconds constantly and lasts for several hours.
That is why I believe it is some kind of automation program or script
running on this IP address. Humans cannot move that fast. 
It causes our HTTP server to stop responding to users. 
(I know the "deny,allow" directives, they only apply to
Directory, File, Location. They don't apply on the Server level. Setting
them in Directory, File, Location doesn't help, because the HTTP request
still consumes resources until the server cannot take it anymore. If I can
set them up at the Server level, when the request comes from this IP
address, the Server can drop it completely without bothering to allocate
more resources.)
  
  Does the HTTP server have the ability to detect such "pattern of
behavior" accordingly? 
  
  If not, any idea of other HTTP server which can do this, detecting
such "pattern of behavior" (so that we may block it in the router).

  Thanks.

  Jack Liu

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
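
A log-side check for the pattern described in the original question (one address requesting pages far faster than a human reader, for a sustained period), as an added example that is not part of either message. It assumes access.log is in Common Log Format; the function names, the thresholds and the sample addresses are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Common Log Format prefix: client IP, identd, user, [timestamp]
CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"

def parse(line):
    """Return (ip, datetime) for a CLF line, or None if it does not parse."""
    m = CLF.match(line)
    if not m:
        return None
    try:
        return m.group(1), datetime.strptime(m.group(2), TS_FORMAT)
    except ValueError:
        return None

def fast_clients(lines, max_requests=20, window_seconds=10):
    """Return {ip: peak} for each IP whose request count inside any sliding
    window of window_seconds exceeded max_requests. Assumes the log is in
    chronological order. CLF timestamps have one-second resolution, so the
    rate is counted per window rather than measured between requests."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # ip -> timestamps still inside the window
    peak = defaultdict(int)
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue  # malformed line: skip rather than abort the scan
        ip, ts = rec
        q = recent[ip]
        q.append(ts)
        while ts - q[0] >= window:
            q.popleft()
        peak[ip] = max(peak[ip], len(q))
    return {ip: n for ip, n in peak.items() if n > max_requests}

def sample_log():
    """Constructed sample: one robot-like client, one human-paced client."""
    base = datetime(2004, 4, 1, 15, 0, 0, tzinfo=timezone.utc)
    fmt = '{} - - [{}] "GET /page{}.html HTTP/1.0" 200 1024'
    lines = ["not a log line"]
    for i in range(60):  # 192.0.2.10: 20 requests per second for 3 seconds
        ts = base + timedelta(seconds=i // 20)
        lines.append(fmt.format("192.0.2.10", ts.strftime(TS_FORMAT), i))
    for i in range(3):   # 198.51.100.7: one page every 15 seconds
        ts = base + timedelta(seconds=15 * i)
        lines.append(fmt.format("198.51.100.7", ts.strftime(TS_FORMAT), i))
    return lines
```

The returned addresses are candidates for a block at the router or firewall, which is where the original poster wanted to drop the traffic; the thresholds need tuning against the site's normal traffic, since proxies and NAT gateways can put many human readers behind one address.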

