On 11/01/2016 05:06 PM, Jean-Marc Lasgouttes wrote: > Le 01/11/16 à 21:51, Richard Heck a écrit : >> What about rate limiting access to the trac/ subdirectory? The problem >> is that we get hit too many times too fast by these bots. Refusing to >> serve them that fast won't make them go away, but it will keep them from >> taking us down. > > Do you know how to do that? I am not sure that trac is the only > problem, BTW. > > And what is the reasonable limit? > > I had some suggestions from Máté: limit the number of connections from > the same IP. IPTables can do this: > > http://unix.stackexchange.com/questions/139285/limit-max-connections-per-ip-address-and-new-connections-per-second-with-iptable > > > Máté suggested a limit of 2 connections per IP. > > I have no idea how to do this properly, though.
I can probably figure this out, but it will be the weekend before I can spend the time. Richard