Posted by Nu on 01/31/07 23:59

Sanders Kaufman" <bucky@kaufman.net> wrote in message
news:yW9wh.23967$yC5.5205@newssvr27.news.prodigy.net...
> Nu wrote:
> > I want to protect myself from if someone with a fast connection hammers
my
> > site. It's not denial of service attacks, but offline downloaders (of
course
> > that don't show they're offline downloaders in the useragent so I can't
> > filter them by that). My main issue is my site is PHP so if they hammer
it,
> > it gets all the PHP files executing and overwhelms the CPU. I'd like to
be
> > able to after a certain amount of hits on my index.php per second, so
just
> > refuse.
> >
> > I can't find how to do that. Can it be done in PHP, htaccess, etc.
> >
> > Any ideas?
>
> Can't be done. You cannot control what other people on the web
> do. You can only control how you react.
>
> Any measure you take against the dishonest folks, you also take
> against the honest ones. To that end, there are services out
> there who will gladly charge you thousands of dollars to sell
> you service packages for several thousand per month. And some
> of those might even help to track down your abusive user.
>
> But your best bet is to just make sure you have capacity to
> handle peak loads, and that overloaded systems throttle down
> gracefully.
>




Actually, my site goes to index.php and then index.php digs around in other
PHPs and MySQL. If I stop it right at index.php, I can keep my account from
overloading the CPU.

[Back to original message]