How to check fake requests

Re: How to check fake requests

"Fakhar" <fakharmtc@hotm ail.com> wrote in message
news:f925d8ca.0 311030105.2fc81 3e9@posting.goo gle.com...[color=blue]
> How can I check fake requests on my webpage. I am asking for email[/color]
address[color=blue]
> as input and I wounder if anyone write a program to send fake requests and
> my system will be busy to respond those requests.
> Specifically, I want to check if more than 10 requests from same IP in[/color]
last[color=blue]
> One minute then my Website should not respond to that IP.[/color]

that will kill people who come through proxy, or firewall. All such users
appear to your script as if they come from the same IP, while in fact they
are different.

rush
--

Re: How to check fake requests

Here's a question:
What negative effects do you expect from people hitting your website with
fake requests?

Note that by the time your fake-request-rejection script has run, your web
server has already fielded the request and initialized PHP. Not matter what
output you do or don't send, the server will issue response headers once the
script finishes. So unless their requests automatically invoke some very
CPU-intensive process, just running the rejection script is already taking
about as much load as anything else. A more effective method is:
mod_throttle. See this article:

for more.

The other poster's point about requests from proxies is also well noted. I
would be careful blocking traffic unless you know it's malicious, or unless
it has some specific negative effect.

Cheers,

Eric


"Fakhar" <fakharmtc@hotm ail.com> wrote in message
news:f925d8ca.0 311030105.2fc81 3e9@posting.goo gle.com...[color=blue]
> Hi All,
>
> How can I check fake requests on my webpage. I am asking for email[/color]
address[color=blue]
> as input and I wounder if anyone write a program to send fake requests and
> my system will be busy to respond those requests.
> Specifically, I want to check if more than 10 requests from same IP in[/color]
last[color=blue]
> One minute then my Website should not respond to that IP.
>
> Take care
>
> Fakhar[/color]

Re: How to check fake requests

"Eric Ellsworth" <ez@.com.com.co m.com> wrote in message news:<J4KdnZZZS MhRFDuiRTvUqA@s peakeasy.net>.. .[color=blue]
> Here's a question:
> What negative effects do you expect from people hitting your website with
> fake requests?
>
> Note that by the time your fake-request-rejection script has run, your web
> server has already fielded the request and initialized PHP. Not matter what
> output you do or don't send, the server will issue response headers once the
> script finishes. So unless their requests automatically invoke some very
> CPU-intensive process, just running the rejection script is already taking
> about as much load as anything else. A more effective method is:
> mod_throttle. See this article:
> http://www.linux-mag.com/2003-02/lamp_01.html
> for more.[/color]

Thanks for response. Well I already have some concepts of throttling but
what I want to know is how to implement the task, I mentioned.
I don't have very good concepts of Web Programming. I want to know where and
what should I code in my website that will perform IP detection and checking
of number of hits as any user visit my website?

Regards

Fakhar

[color=blue]
>
> The other poster's point about requests from proxies is also well noted. I
> would be careful blocking traffic unless you know it's malicious, or unless
> it has some specific negative effect.
>
> Cheers,
>
> Eric[/color]