简体繁体 English

如果在Apache2上每秒发出的请求太多，则阻止IP

[英]Block IP if too many requests come per second on Apache2

原文 2011-03-14 06:53:42 8 3 php/ .htaccess/ apache2

How can I block an IP / the requests of an IP if too many requests come per second? 如果每秒发出的请求太多，我如何阻止IP / IP请求？

Sometimes I notice many (about 50) webpage requests per second to my webserver. 有时我每秒都会注意到我的网络服务器有很多（大约50个）网页请求。 I think a script copies the content of the server. 我认为脚本会复制服务器的内容。 Now I want to block the IP if they make to many requests. 现在我想阻止IP，如果他们提出许多请求。 They can delete the block, if they enter a captcha. 如果他们输入验证码，他们可以删除该块。 Google does something like this (Just make a fast webcrawler and crawl Google. You'll be blocked quite soon. Don't do this in school ;-) ) 谷歌做了这样的事情（只需快速浏览网页抓取并抓取谷歌。你很快就会被阻止。不要在学校这样做;-)）

I use PHP-Scripts on an Apache2 server. 我在Apache2服务器上使用PHP-Scripts。 I can't install new software on this server, but I can use htaccess files. 我无法在此服务器上安装新软件，但我可以使用htaccess文件。 I hope it is possible to solve this problem with this limited possibilities. 我希望有可能以这种有限的可能性来解决这个问题。

3 个解决方案

I'd start looking at the DOS-protection modules. 我开始看看DOS保护模块。 This might be a higher load than you were envisaging - I'm unclear if you're talking about 10s of requests per minute or hundreds per second... 这可能比您设想的负载更高 - 我不清楚您是在谈论每分钟10次请求还是每秒数百次...

You should have a look at this module and see if it fits your needs. 您应该看看这个模块，看看它是否符合您的需求。

如果你可以安装模块：这可以帮助你： http ： //httpd.apache.org/docs/2.2/howto/access.html 。

The best way to block ip based on requests should be done on the firewall.. We can even configure firewall for certain no. 根据请求阻止ip的最佳方法应该在防火墙上完成。我们甚至可以为某些no配置防火墙。 of false authentication trials.. 虚假认证试验

But if you want to do this only through apache then the module referred by Basiclife would be good.. 但是，如果你只想通过apache这样做，那么Basiclife推荐的模块会很好..

But always make sure that you dont restrict the real visitors who use your server more.. :) 但总是要确保你不要限制使用你的服务器的真实访客.. :)