Hey sophie, Thanks for sharing this question here. Depending on what you mean by unfriendly requests and what you would like the respone to be, there are a few options.
Blacklist IPs in *dos.yaml* serving a static file as a response To accomplish this, you must specify an IP or subnet to blacklist in the *dos.yaml <https://cloud.google.com/appengine/docs/python/config/dosref>*. An IP matching a blacklist entry will, by default, be served a generic error page. If you'd like to serve a specific error page, you could the the *error_handlers* <https://cloud.google.com/appengine/docs/python/config/appref#error_handlers> in your *app.yaml* with the *dos_api_denial* *error_code* to serve a given static file. Respond from your application with a *404* static file when hitting certain endpoints This type of response still requires that your application respond to the request but does not require you to know the source IP range of undersirable requests in advance. Serving *404* increases the likelihood that the response is cached and not re-requested again. A *500* response for instance, may cause the requestor to ask again assuming the application was simply too busy. Note that this option will incur usage of your App Engine quotas Require *login: required <https://cloud.google.com/appengine/docs/python/config/appref#handlers_login>* with most of the application's endpoints If you know all the requests to a given application URL will be originating from Google-authenticated end users of your application, you could have them all require a login failing back to the *auth_fail_action* when unauthorized. Note that this option will also incur usage of your App Engine quotas. I hope the above suggestions are useful to you and lay out what options you can explore to meet your security needs. Note that none of these options terminate the connection in a *black hole* way. On Friday, January 20, 2017 at 3:42:27 AM UTC-5, sophie wrote: > > My Python application receives a lot of unfriendly requests. The faster > the response will be sent the sooner I get a new request. Is it possible, > in some cases, do not send a response (black hole mode)? > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-appengine. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/a6874747-0802-48ae-8491-d64e407b077f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
