RFE: API for adding blocked IPs for a vhost/directory "from the side"

ts77

Well-Known Member
#1
Hello folks,

I have my own DoS protection built into my PHP scripts.
Those check how many accesses to the PHP pages are made by which IP and so on.
Once a user hits a given threshold, his IP is added to a .htaccess file and removed after a specified ban time.

That results in the following:
2006-06-12 23:44:21.195 [INFO] [HTAccess] Configuration file [/home/xxx/forum_v51/.htaccess] changed.
2006-06-12 23:44:21.195 [INFO] [HTAccess] Updating configuration from [/home/xxx/forum_v51/.htaccess]
2006-06-12 23:44:52.026 [INFO] [HTAccess] Configuration file [/home/xxx/forum_v51/.htaccess] changed.
2006-06-12 23:44:52.026 [INFO] [HTAccess] Updating configuration from [/home/xxx/forum_v51/.htaccess]
2006-06-12 23:44:52.240 [INFO] [HTAccess] Configuration file [/home/xxx/www/forum_v2/.htaccess] changed.
2006-06-12 23:44:52.240 [INFO] [HTAccess] Updating configuration from [/home/xxx/www/forum_v2/.htaccess]
2006-06-12 23:45:17.682 [INFO] [HTAccess] Configuration file [/home/xxx/www/forum_v2/.htaccess] changed.
2006-06-12 23:45:17.682 [INFO] [HTAccess] Updating configuration from [/home/xxx/www/forum_v2/.htaccess]
2006-06-12 23:45:22.331 [INFO] [HTAccess] Configuration file [/home/xxx/forum_v51/.htaccess] changed.
2006-06-12 23:45:22.331 [INFO] [HTAccess] Updating configuration from [/home/xxx/forum_v51/.htaccess]
2006-06-12 23:45:53.306 [INFO] [HTAccess] Configuration file [/home/xxx/www/forum_v2/.htaccess] changed.
2006-06-12 23:45:53.306 [INFO] [HTAccess] Updating configuration from [/home/xxx/www/forum_v2/.htaccess]
2006-06-12 23:45:54.453 [INFO] [HTAccess] Configuration file [/home/xxx/forum_v51/.htaccess] changed.
2006-06-12 23:45:54.453 [INFO] [HTAccess] Updating configuration from [/home/xxx/forum_v51/.htaccess]
2006-06-12 23:46:19.040 [INFO] [HTAccess] Configuration file [/home/xxx/www/forum_v2/.htaccess] changed.
2006-06-12 23:46:19.040 [INFO] [HTAccess] Updating configuration from [/home/xxx/www/forum_v2/.htaccess]
2006-06-12 23:46:19.163 [INFO] [HTAccess] Configuration file [/home/xxx/forum_v51/.htaccess] changed.
2006-06-12 23:46:19.163 [INFO] [HTAccess] Updating configuration from [/home/xxx/forum_v51/.htaccess]
2006-06-12 23:46:49.224 [INFO] [HTAccess] Configuration file [/home/xxx/www/forum_v2/.htaccess] changed.
2006-06-12 23:46:49.224 [INFO] [HTAccess] Updating configuration from [/home/xxx/www/forum_v2/.htaccess]
2006-06-12 23:46:49.228 [INFO] [HTAccess] Configuration file [/home/xxx/forum_v51/.htaccess] changed.
2006-06-12 23:46:49.228 [INFO] [HTAccess] Updating configuration from [/home/xxx/forum_v51/.htaccess]
2006-06-12 23:47:19.554 [INFO] [HTAccess] Configuration file [/home/xxx/forum_v51/.htaccess] changed.
2006-06-12 23:47:19.554 [INFO] [HTAccess] Updating configuration from [/home/xxx/forum_v51/.htaccess]
2006-06-12 23:47:21.382 [INFO] [HTAccess] Configuration file [/home/xxx/www/forum_v2/.htaccess] changed.
2006-06-12 23:47:21.382 [INFO] [HTAccess] Updating configuration from [/home/xxx/www/forum_v2/.htaccess]
which I don't see as a performance enhancement with all its reloading of the .htaccess ;-).

Therefore I'd like to see a way to update the blocked IPs for a vhost or directory through some API from an app.
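
The ban mechanism described in the post above, as an added example that is not part of the original post and not ts77's or LiteSpeed's code: it rewrites the .htaccess only when the set of banned IPs actually changes, so a renewed ban causes no reload. It assumes the server honours Apache-style `Deny from` lines in .htaccess and that the caller persists `$bans` and serializes concurrent calls; the function name, markers and ban time are hypothetical.

```php
<?php
const BAN_SECONDS = 600;                 // assumed ban time
const MARK_BEGIN  = '# BEGIN app-bans';  // assumed markers around the managed block
const MARK_END    = '# END app-bans';

/**
 * Added example (not from the thread). Expires old bans, adds $newIp if given,
 * and rewrites the managed block in $htaccess only when the banned set changed.
 * $bans maps IP => expiry timestamp. Returns true if the file was rewritten.
 */
function sync_bans(string $htaccess, array &$bans, ?string $newIp, int $now): bool
{
    $before = array_keys($bans);
    $bans = array_filter($bans, fn($expiry) => $expiry > $now);
    // Only a syntactically valid address may reach the config file.
    if ($newIp !== null && filter_var($newIp, FILTER_VALIDATE_IP) !== false) {
        $bans[$newIp] = $now + BAN_SECONDS;
    }
    $after = array_keys($bans);
    sort($before);
    sort($after);
    if ($before === $after) {
        return false; // same set (e.g. a renewed ban): no write, no reload
    }
    // Strip the previous managed block and keep every other directive.
    $pattern = '/^' . preg_quote(MARK_BEGIN, '/') . '$.*?^'
             . preg_quote(MARK_END, '/') . '$\R?/ms';
    $out = is_file($htaccess) ? preg_replace($pattern, '', file_get_contents($htaccess)) : '';
    if ($out !== '' && substr($out, -1) !== "\n") { $out .= "\n"; }
    if ($after) {
        $out .= MARK_BEGIN . "\n"
              . implode('', array_map(fn($ip) => "Deny from $ip\n", $after))
              . MARK_END . "\n";
    }
    // Write a temp file and rename it so the server never reads a partial file.
    $tmp = $htaccess . '.tmp.' . getmypid();
    file_put_contents($tmp, $out);
    return rename($tmp, $htaccess);
}

// Demo on a constructed file; 203.0.113.7 is a documentation address.
$file = sys_get_temp_dir() . '/htaccess-demo';
file_put_contents($file, "Options -Indexes\n");
$bans = [];
sync_bans($file, $bans, '203.0.113.7', 1000); // first offence: block written
sync_bans($file, $bans, '203.0.113.7', 1010); // repeat offender: expiry extended only
sync_bans($file, $bans, null, 2000);          // ban expired: block removed
echo file_get_contents($file);
```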
 

mistwang

LiteSpeed Staff
#2
I think .htaccess should serve this purpose well; it should not be a performance hit itself.
Actually, I think it may not be a good idea to do DoS detection in an external application, as one instance may not know the big picture and it is hard to make it accurate. Our built-in DoS prevention feature is more efficient and accurate.
 

ts77

Well-Known Member
#3
Maybe your built-in DoS prevention is more efficient, but I need to check more variables in the app which can't be done on the server side, like which page was accessed how often, and I don't need to take static files into account either.
 

mistwang

LiteSpeed Staff
#4
There is an option, "Dynamic Requests/second", for this kind of single-point DoS attack; maybe it is not exactly what you have been doing in PHP, but it should help.
 