All geek questions in one place

How to prevent or stop an income denial attack?

In the case of payment for advertising device websites, their financial survival is largely dependent on advertising revenue and expense management.

If someone who organizes a click fraud campaign through a specific website / publisher, from the point of view of advertisers, it’s a natural act to blame and ban publisher accounts, and then lose unpublished revenue. Subsequently, the publisher would have to deal with the new ad or agency, still leaving them vulnerable to the same thing that happens over and over until they exit the advertisers or cease to be profitable.

Repeat the random script several times, but with throttle, you will get expensive resources over time to increase operating costs, and ultimately the publisher’s website will be dead.

From the point of view of the developer, I see no way to avoid or stop such an attack. Most advertising brokers did not release raw HTTP access records, and even if they did, what could a small web company do, but pass it on to the appropriate law enforcement agencies?

+3
source share
1 answer

note - Originally was part of the question, but moved this part as a standalone answer. Marked as a wiki community.

- script/service , memcache.

def handle_request(request):
    cache = Cache()
    key = getKeyByInterval(request.remote_ip,  hour = 1 )
    #Key == "YYMMDD_hour_ip"
    cache.add(key, 1)
    if cache.get(request.remote_ip) > threshold:
        redirect("/none_revenue/random_image")
    else:
        serve_advert()

10, 10 IP 1 .... , , script href "http://Acme-Advertising-co.com/adserve?userid={Some unique id} & zoneid = SomeValue", script .

0

Source: https://habr.com/ru/post/1787247/

More articles:


All Articles