[ale] apache problem

John Heim john at johnheim.net
Wed Jan 12 12:50:43 EST 2011


All,

I have a problem with an apache web server. The problem is that one of my
users has some large PDF documents available for
download. Every few weeks, our server gets bogged down when someone tries to
download these documents many thousands of times.  They download each 
document only once or twice a second but over and over and over. Eventually, 
our server gets bogged down. The documents are mostly in the 1.5Mb to 2Mb 
range.

I deal with it by blacklisting the IP address of the offending client. Its
always a single IP address. So it can't be a denial of service attack. If it
is, its the lamest DOS attack ever.

Anybody have any idea why this is happening? I have looked for some kind of
loop in the html pages where an automatted client might think it these are
all different documents. I even tried downloading it myself with wget. No
problems.

Any suggestions for preventing this? I thought about forcing people to
register or putting  up a CAPTCHA. But I'd rather not do those things. I'd
rather just prevent a single IP from downloading each document more than
once a day or something like that.




More information about the Ale mailing list