Hi, On 04/12/13 15:17, dtpalmer wrote: > Our instance of DSpace occasionally gets hammered with excessive requests for > downloads of the same item, in a very short time, say 8,000 in one hour. No > idea why. Perhaps the bogey was testing his software against our server? > > Is there any way to detect, and set a limit of x downloads in y amount of > time, after which the server blocks that IP ?
Are all your downloads coming from the same IP address? "My" repositories have seen similar behaviour, however the source IP usually changes every 4 downloads even though the file downloaded stays the same. So the IP-based blocking approaches suggested by others in this thread won't work for me. I did spot patterns some of the times; usually country+user agent together with the bitstream ID and a time period identify these hits and I can manually delete those hits from the solr stats, but the user agent and sometimes the country do change between "attack runs". I thought about changing the solr logger logic to not store a 'hit' if the same bitstream was downloaded by the same IP address within a given time window (this would quarter the download count) or even if the same bitstream was downloaded by the same user agent + country within a given time window, but I'm not sure about false positives rates. I talked to the local firewall folks about this but it seems even their firewall (which apparently can make coffee if you ask it nicely) can't do anything to block this behaviour. cheers, Andrea -- Dr Andrea Schweer IRR Technical Specialist, ITS Information Systems The University of Waikato, Hamilton, New Zealand ------------------------------------------------------------------------------ Sponsored by Intel(R) XDK Develop, test and display web and hybrid apps with a single code base. Download it for free now! http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk _______________________________________________ DSpace-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
