Support

Admin Tools

#13252 How to ban the ip which has lot of visits at the same time

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Tuesday, 14 August 2012 02:10 CDT

Tuesday, 14 August 2012 01:45 CDT

user9856
Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? Yes
Have I searched the tickets before posting? Yes
Have I read the documentation before posting (which pages?)? Yes
Joomla! version: 1.5.26
PHP version: 5.3.15
MySQL version: 5.1.63-ius-log
Host: Rackspace
Admin Tools version: 2.2.9

Description of my issue:

Hi Support,

One of my site has a big amount of visits, sometimes there is a robot or a stanger IP come to my site and visits dozens of times in 1 min. It makes site has a huge server overload like 20+ for several minutes. At that time, other visitors can not see the site and it shows 500 error.

Does AdminTools has function that can ban the IP which like visit site 10 tims in 1 minute?


Cheers,
Dennis

Tuesday, 14 August 2012 01:50 CDT

nicholas
Hello Dennis,

No, Admin Tools doesn't have such a feature and, quite frankly, I don't think it should have. By the time Admin Tools gets the chance to run your server has already allocated a big chunk of RAM and spent significant amounts of CPU time. I'd recommend talking with your host about the possibility of implementing a flood protection system directly on the web server. For instance, the ever-popular and personal favourite mod_security2 Apache filter/firewall can be configure for flood protection. The OWASP ModSecurity Core Rule Set Project already has this feature baked into their rule set. Since you're using RackSpace, where each site is its own virtual server, I guess that this kind of implementation is perfectly possible as it won't affect any other customers.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 14 August 2012 01:55 CDT

user9856
Hi Nicholas,

Thank you for your suggestion.

Now I am using the dedicated server. I will ask them for help install mod_security2 Apache filter/firewall.

Cheers,
Dennis

Tuesday, 14 August 2012 02:08 CDT

nicholas
On a dedicated server it's certainly possible :) In fact, I'd say it's absolutely advisable to have a fine tuned mod_security2 rule set. It's one of the basics I have in my security presentation.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 14 August 2012 02:09 CDT

user9856
It is a very good suggestion. Thanks again

Tuesday, 14 August 2012 02:10 CDT

nicholas
You're welcome :)

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!