Stopping abusive visitors in their tracks
thundercleese
03-26-2005, 17:13
Hi,
What would be the best way for me to stop visitors from having multiple simultaneous connections to my server? I've created <limit> rules for the IP addresses that I've caught, and I've also installed a connection limiter module for Apache that only allows 3 simultaneous connections; however, this doesn't seem to prevent them from sending multiple requests with Keep-alive and having them bottleneck 120 connections for a few minutes or hours.
I only use this server as a download server, so would disabling Keep-alive do the trick? (In 95% of the cases, each IP only downloads one file so having persistent connections is not beneficial) I'm worried that may affect my server performance..
Or, is there a module out there that can stop these users that abuse my server at the internal router? Say if it sees 20 connections within 30 seconds or so, it would block their IP for an hour at the router level, etc..
Thanks for any help!
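The rule asked for in the post above (20 connections within 30 seconds, then block the IP for an hour), sketched as an added example that is not part of the original thread. It assumes Apache common/combined access-log lines and treats each logged request as one connection; the function names and the sample log are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Thresholds from the post: 20 connections in 30 seconds -> block for an hour.
MAX_HITS, WINDOW, BLOCK = 20, timedelta(seconds=30), timedelta(hours=1)

# Apache common/combined log format: client IP first, timestamp in brackets.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')

def find_blocks(lines):
    """Return [(ip, blocked_from, blocked_until)] for clients over the limit."""
    recent = defaultdict(deque)   # ip -> timestamps inside the sliding window
    blocked_until = {}            # ip -> expiry of the current block
    blocks = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue              # skip malformed lines instead of crashing
        ip = m.group(1)
        ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
        if ip in blocked_until and ts < blocked_until[ip]:
            continue              # still blocked (assumed dropped upstream)
        hits = recent[ip]
        hits.append(ts)
        while ts - hits[0] > WINDOW:
            hits.popleft()        # forget requests older than the window
        if len(hits) >= MAX_HITS:
            blocked_until[ip] = ts + BLOCK
            blocks.append((ip, ts, ts + BLOCK))
            hits.clear()          # start counting afresh once the block expires
    return blocks

def sample_log():
    """Constructed sample: one client sends 25 requests in 25 s, another 3."""
    start = datetime.strptime("26/Mar/2005:17:00:00 +0000", "%d/%b/%Y:%H:%M:%S %z")
    fmt = '{ip} - - [{ts}] "GET /files/a.zip HTTP/1.1" 200 1024'
    lines = []
    for i in range(25):
        ts = (start + timedelta(seconds=i)).strftime("%d/%b/%Y:%H:%M:%S %z")
        lines.append(fmt.format(ip="192.0.2.10", ts=ts))
        if i % 10 == 0:
            lines.append(fmt.format(ip="198.51.100.7", ts=ts))
    return lines

if __name__ == "__main__":
    for ip, since, until in find_blocks(sample_log()):
        print(f"block {ip} from {since:%H:%M:%S} until {until:%H:%M:%S}")
```

The returned list is what a separate job would turn into firewall or router deny rules; that step is outside this sketch.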
ste-h123
04-01-2005, 15:27
If you can work out a way to get someone's MAC address
via the internet you can stop people from doing things...
Even if they change the IP address, in order to access
it again they would need to change their hardware.
Just try to use that, you can probably get it with Java,
I have used it within an instant messenger that
I made.
Hope this helps :)
ChronoCross
04-01-2005, 16:22
Just make sure you set the keepalive timeout limit to a reasonable value. Keep-alive simply allows keeping a persistent connection to your server, and more than 1 request cannot be sent within the timeout period.
thundercleese
04-04-2005, 20:25
If you can work out a way to get someone's MAC address
via the internet you can stop people from doing things...
Even if they change the IP address, in order to access
it again they would need to change their hardware.
...
Thanks, I'll look into that, as that would be the best way to stop these abusers.
Just make sure you set the keepalive timeout limit to a reasonable value. Keep-alive simply allows keeping a persistent connection to your server, and more than 1 request cannot be sent within the timeout period.
That still doesn't seem to help.. I have a few bad visitors that use up 60+ simultaneous connections from the same IP even with keep-alive on. I'm guessing they are sending some sort of "don't use keep-alive" flag when they send in their get request. However, their connection is still active for the duration of the keep-alive timeout. I set the timeout to 5 seconds, and that at least helped with the server load, but they still are using connections that could be available to other visitors.
ChronoCross
04-04-2005, 20:48
Thanks, I'll look into that, as that would be the best way to stop these abusers.
That still doesn't seem to help.. I have a few bad visitors that use up 60+ simultaneous connections from the same IP even with keep-alive on. I'm guessing they are sending some sort of "don't use keep-alive" flag when they send in their get request. However, their connection is still active for the duration of the keep-alive timeout. I set the timeout to 5 seconds, and that at least helped with the server load, but they still are using connections that could be available to other visitors.
Could be the Firefox hack that allows a person to make 60+ connections to your server to make it load faster.
starscalling
07-03-2005, 08:36
Admittedly I'm no expert, but could that be a site rip effort there? I think those tools can do close to that many connections in Firefox specifically. Also, there was a tool I ran into at one site that gave out multimedia files, that was leechsomething. It made the user download some piece of Java and then they could use it, although I found it had spyware :/
LoneWolf367
07-09-2005, 19:27
I run a multimedia server and I use IPLimitConn_mod for Apache to just limit all my multimedia files (and only multimedia) on the server to 1 connection per IP, and they get a "Service Temporarily Unavailable" error if they try to download another file. It doesn't help as far as requests since the server still needs to process all the requests, but it helps with distributing speed among users. I get a lot of complaints about it however, since users think the links are broken -.-