Forum OpenACS Development: Re: Blocking access to login based on repetitive hits by ip address?

Collapse
2: Re: Blocking access to login based on repetitive hits by ip address? (response to 1)
Posted by Jade Rubick on 09/30/04 02:59 PM
I suspect you're getting 4000 hits because your robots.txt does not exclude /register.

Feel free to offer this as a patch for OpenACS. None of us should be getting this behavior.

If we do implement something on this, I think Google Mail has the best interface approach. I'll send you a GMail invite if you want to check it out.

Collapse
3: Re: Blocking access to login based on repetitive hits by ip address? (response to 2)
Posted by Jeroen van Dongen on 10/01/04 11:32 AM
I agree fully with Jade, but just in case you would want to do this blocking anyway for some reason: don't do it in oacs. Chances are that you're running some flavor of unix and most unices have packetfiltering capabilities (netfilter/iptables on linux, ipfw on bsd, sunscreen lite for solaris). A simple script can tail the fw log or access log and add/delete fw rules based on what it sees. There are some implementations for this concept as well (mostly netfilter/iptables based) - freshmeat/google is your friend.