On Jun 8, 8:01 pm, CORT <[email protected]> wrote: > So let me ask you this then, > If lets say a single person does 15,000 requests in 24 hours (website > attack for example that passes though our security). then would google > block API requests from that IP only or will it lock down the entire > key for 24 hours so that no one will be able to use it? > Thanks for all your help
Google don't publish their security policies; we can only piece together users' experiences and come up with a probable methodology. I reckon that in the circumstances you outline they will block whatever IP address they get. That might be the "true" client IP address indicated by x-forwarded-for; if they don't recognise your server IP address as a proxy they might block that. ISPs such as Orange or AOL who have a few internet-facing IP addresses will be known to Google; what they won't want to allow is someone spoofing x-forwarded-for headers in order to get round their security. Andrew --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Maps API" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/Google-Maps-API?hl=en -~----------~----~----~----~------~----~------~--~---
