Date: Fri, 17 Oct 2008 14:14:14 -0700 From: Jeremy Chadwick <koitsu@FreeBSD.org> To: mdh <mdh_lists@yahoo.com> Cc: David Karapetyan <david.karapetyan@gmail.com>, freebsd-questions@freebsd.org, freebsd-ports@freebsd.org Subject: Re: Problem with www/mod_cband Message-ID: <20081017211414.GA31108@icarus.home.lan> In-Reply-To: <468319.95459.qm@web56808.mail.re3.yahoo.com> References: <20081017175359.GA27396@icarus.home.lan> <468319.95459.qm@web56808.mail.re3.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Oct 17, 2008 at 11:47:38AM -0700, mdh wrote: > It seems possible, however, that mod_cband's functionality could be > replicated by a simple script that watches the access log files and > makes an update to a .htaccess file for the virtualhost when the > virtualhost in question exceeds a given bandwidth limit which would be > configured in the script. Well, that's assuming you want to use the "maximum aggregate bandwidth per site every month" concept. I, for one, do not, because all it takes is one prick wget -r'ing the site and pow, the site is down for everyone. You could block based on IP, but believe me, they'll find or get another. (I've personally seen this with Italian users, where they'd switch to another IP to get around pf(4) blocks I put in place.) I personally prefer to just bandwidth limit sites, only permitting XXX Kbyte/sec across *all visitors*. It's the only "safe" way to deal with 95th-percentile billing in co-locations. Also, don't forget that Apache only writes an entry to the log file *after* the transfer is finished, not when the request is submit. :-) -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081017211414.GA31108>