Thank you Laura, I was hoping for a quick fix and something along the lines of a fuseki blacklist filter in the shiro.ini
but yes the reverse proxy is probably a more sensible approach at this point. In any event good to see sparql spam like this here, it means that the Semantic Web has most certainly arrived in the mainstream ;) On Tue, Dec 18, 2018 at 5:35 PM Laura Morales <[email protected]> wrote: > While I think the correct answer is YES (perhaps by implementing a custom > filter), I guess the answer is going to be "use a reverse proxy". > > > > > Sent: Tuesday, December 18, 2018 at 6:16 PM > From: "Marco Neumann" <[email protected]> > To: [email protected] > Subject: blocking IP to prevent malicious sparql queries > is it possible to block indiviual IPs with the shiro.ini? > > We receive a number of malicious sparql queries from an IP in France > (193.52.210.70) today > > that continuously issues the following SPARQL query: > > SELECT ?r (count(*) AS ?count) > WHERE{ ?x ?r ?s > { SELECT ?s WHERE > { ?s a ?o } > OFFSET 124639 LIMIT 1000 } > } GROUP BY ?s ?r OFFSET 0 LIMIT 10000 > > resulting in: > > [2018-12-18 18:10:31] AbstractConnector WARN > java.lang.OutOfMemoryError: GC overhead limit exceeded > [2018-12-18 18:10:34] Fuseki WARN [424] RC = 500 : GC overhead limit > exceeded > java.lang.OutOfMemoryError: GC overhead limit exceeded > [2018-12-18 18:10:34] Fuseki INFO [424] 500 GC overhead limit exceeded > (39.946 s) > > and pushes fuseki offline for a few minutes. > > > -- > > > --- > Marco Neumann > KONA > -- --- Marco Neumann KONA
