By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
446,320 Members | 2,212 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 446,320 IT Pros & Developers. It's quick & easy.

How to check fake requests

P: n/a
Hi All,

How can I check fake requests on my webpage. I am asking for email address
as input and I wounder if anyone write a program to send fake requests and
my system will be busy to respond those requests.
Specifically, I want to check if more than 10 requests from same IP in last
One minute then my Website should not respond to that IP.

Take care

Fakhar
Jul 17 '05 #1
Share this Question
Share on Google+
3 Replies


P: n/a
"Fakhar" <fa*******@hotmail.com> wrote in message
news:f9**************************@posting.google.c om...
How can I check fake requests on my webpage. I am asking for email address as input and I wounder if anyone write a program to send fake requests and
my system will be busy to respond those requests.
Specifically, I want to check if more than 10 requests from same IP in last One minute then my Website should not respond to that IP.


that will kill people who come through proxy, or firewall. All such users
appear to your script as if they come from the same IP, while in fact they
are different.

rush
--
http://www.templatetamer.com/

Jul 17 '05 #2

P: n/a
Here's a question:
What negative effects do you expect from people hitting your website with
fake requests?

Note that by the time your fake-request-rejection script has run, your web
server has already fielded the request and initialized PHP. Not matter what
output you do or don't send, the server will issue response headers once the
script finishes. So unless their requests automatically invoke some very
CPU-intensive process, just running the rejection script is already taking
about as much load as anything else. A more effective method is:
mod_throttle. See this article:
http://www.linux-mag.com/2003-02/lamp_01.html
for more.

The other poster's point about requests from proxies is also well noted. I
would be careful blocking traffic unless you know it's malicious, or unless
it has some specific negative effect.

Cheers,

Eric
"Fakhar" <fa*******@hotmail.com> wrote in message
news:f9**************************@posting.google.c om...
Hi All,

How can I check fake requests on my webpage. I am asking for email address as input and I wounder if anyone write a program to send fake requests and
my system will be busy to respond those requests.
Specifically, I want to check if more than 10 requests from same IP in last One minute then my Website should not respond to that IP.

Take care

Fakhar

Jul 17 '05 #3

P: n/a
"Eric Ellsworth" <ez@.com.com.com.com> wrote in message news:<J4********************@speakeasy.net>...
Here's a question:
What negative effects do you expect from people hitting your website with
fake requests?

Note that by the time your fake-request-rejection script has run, your web
server has already fielded the request and initialized PHP. Not matter what
output you do or don't send, the server will issue response headers once the
script finishes. So unless their requests automatically invoke some very
CPU-intensive process, just running the rejection script is already taking
about as much load as anything else. A more effective method is:
mod_throttle. See this article:
http://www.linux-mag.com/2003-02/lamp_01.html
for more.
Thanks for response. Well I already have some concepts of throttling but
what I want to know is how to implement the task, I mentioned.
I don't have very good concepts of Web Programming. I want to know where and
what should I code in my website that will perform IP detection and checking
of number of hits as any user visit my website?

Regards

Fakhar


The other poster's point about requests from proxies is also well noted. I
would be careful blocking traffic unless you know it's malicious, or unless
it has some specific negative effect.

Cheers,

Eric

Jul 17 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.