Tomcat and flood protection

We use Tomcat 7 for our web application. We provide an XML-based API so that our customers can communicate with our server in machine-to-machine mode (without the need for a web browser). Requests are processed by the servlet.

We need to prevent users from sending too many requests in a row. Some of the services we provide include polling results, and users can make queries in a loop without any breaks, making dozens of queries per second for nothing.

How can we protect ourselves from flooding with useless requests? Is there an easy way to block requests at the servlet input level when there are too many requests coming from the same IP address? Is there anything built into Tomcat to solve this problem?

+6
4 answers

Assuming you are using an Apache reverse proxy in front of Tomcat (if it shouldn't), use mod_cband in the Apache layer.

+4

You can write your own.

The starting points for this issue will be the servlet API, in particular the Filter interface and the getRemoteHost() method of the ServletRequest interface.

It should be easy enough to write a filter implementation that stores the number of requests from each host and takes action if the limit is exceeded.

+2

Spring Security has many of the features of Apache httpd mod_security, if you want to use only a Java solution.

0

Apache mod_evasive or mod_security can cover your need here. You can consider Cloudflare for more complex, serious attacks that require hardware protection.

0

Source: https://habr.com/ru/post/920429/

