How to check fake requests

"Fakhar" <fa*******@hotmail.com> wrote in message
news:f9**************************@posting.google.c om...

How can I check fake requests on my webpage. I am asking for email address as input and I wounder if anyone write a program to send fake requests and
my system will be busy to respond those requests.
Specifically, I want to check if more than 10 requests from same IP in last One minute then my Website should not respond to that IP.

that will kill people who come through proxy, or firewall. All such users
appear to your script as if they come from the same IP, while in fact they
are different.

rush
--
http://www.templatetamer.com/

Here's a question:
What negative effects do you expect from people hitting your website with
fake requests?

Note that by the time your fake-request-rejection script has run, your web
server has already fielded the request and initialized PHP. Not matter what
output you do or don't send, the server will issue response headers once the
script finishes. So unless their requests automatically invoke some very
CPU-intensive process, just running the rejection script is already taking
about as much load as anything else. A more effective method is:
mod_throttle. See this article:
http://www.linux-mag.com/2003-02/lamp_01.html
for more.

The other poster's point about requests from proxies is also well noted. I
would be careful blocking traffic unless you know it's malicious, or unless
it has some specific negative effect.

Cheers,

Eric
"Fakhar" <fa*******@hotmail.com> wrote in message
news:f9**************************@posting.google.c om...

Hi All,

How can I check fake requests on my webpage. I am asking for email address as input and I wounder if anyone write a program to send fake requests and
my system will be busy to respond those requests.
Specifically, I want to check if more than 10 requests from same IP in last One minute then my Website should not respond to that IP.

Take care

Fakhar

"Eric Ellsworth" <ez@.com.com.com.com> wrote in message news:<J4********************@speakeasy.net>...

Here's a question:
What negative effects do you expect from people hitting your website with
fake requests?

Note that by the time your fake-request-rejection script has run, your web
server has already fielded the request and initialized PHP. Not matter what
output you do or don't send, the server will issue response headers once the
script finishes. So unless their requests automatically invoke some very
CPU-intensive process, just running the rejection script is already taking
about as much load as anything else. A more effective method is:
mod_throttle. See this article:
http://www.linux-mag.com/2003-02/lamp_01.html
for more.
Thanks for response. Well I already have some concepts of throttling but
what I want to know is how to implement the task, I mentioned.
I don't have very good concepts of Web Programming. I want to know where and
what should I code in my website that will perform IP detection and checking
of number of hits as any user visit my website?

Regards

Fakhar


The other poster's point about requests from proxies is also well noted. I
would be careful blocking traffic unless you know it's malicious, or unless
it has some specific negative effect.

Cheers,

Eric