I don't know the status of these issues. Timeout and DDOS are two concerns for me.
To prevent timeout, applications have to check timer very quickly and break the request processing aggressively, which looks like a DDOS :-). Even worse, it's difficult to guarrantee the loop between timer-checking is less than timeout. Failing this, the request will not be processed unless you modify the application. Hope I am wrong, or hope to see solutions for these issues will come out soon. Scott On Sep 12, 11:10 am, Tony Smith <[EMAIL PROTECTED]> wrote: > Yes, it needs to be at a very low level. > > In my infrastructure, when the system is detecting a DOS attack it > creates a firewall rule on the offending IP address. This rule will > expire in a few minutes. If the DOS continues after the few minutes > then An hour long restriction is imposed. If after an hour the DOS is > still active then a permanent restriction is created and an admin is > notified. The admin then researched the attack and if it proves to be > of malicious intent (not some misconfiguration on the software) then > we take it up with the ISP. > > Does Google have (currently or in plan) something similar that will > help address the DOS issues? You go through all the trouble to launch > an application and then they take it down through DOS... this would > really look bad for a start-up website not to mention Google. Well, > actually Google's GAE wouldn't be that affected because the users will > assume that the application went over it's quota. The normal users > would not know of the DOS attack. > > Thanks, > Tony > > On Sep 12, 1:24 pm, uprise78 <[EMAIL PROTECTED]> wrote: > > > > > Rich, correct me if I'm wrong but that code you sent will add a new > > read and a new write to every page hit and on top of that if the > > person is banned they will still be able to reach the webpage and > > cause it to perform this same read/write. I think DDOS attach > > protection needs to be done on a much lower level than that. > > > On Sep 12, 10:21 am, Rick Thomas <[EMAIL PROTECTED]> wrote: > > > > I noticed this code > > > >http://code.google.com/p/pyib/source/browse/trunk/usercontrol.py- Hide > > >quoted text - > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
