limit by Referer?

2012-06-22
2013-05-23
  • I host some dynamic content on my website, and other websites link to it.

    Unfortunately, some of the websites are generating lots and lots of queries to my webserver - this is why I'd like to limit by referer.

    The following does it per client IP (11th query per minute is blocked):

    SetEnvIf    Referer                http://example.com         QS_Limit=yes
    QS_ClientEventLimitCount                          11 60

    However, what I need, is a global limit, not per-IP limit. In other words, 11th query in a minute, with referer being http://example.com/.*, should not be served, irrespective of what IP is connecting.

    Is it possible with mod_qos?

     
  • I assume this may be an arbitrary number of sites linking to your web server - I mean, you can't define a list of domain names. can you?

     
  • The sites which link to me are "friendly" - that is, I know what domains are supposed to link to me (it's a special form generated by my webserver and it wouldn't make sense for anyone else to use it).

    The problem is that some of them generate so much traffic, far above the agreement, that my webserver slows down a lot.

    So, short term, I would like to "limit by referrer".

     
  • If you know them, you could create a list of QS_EventPerSecLimit/QS_EventRequestLimit rules (one or each you know). Does not have the same behavior than a QS_ClientEventLimitCount directive would have, but maybe provides the required limitation?

    Example:

    SetEnvIf Referrer  ^http://example.com/.* QS_EXAMPLE
    SetEnvIf Referrer  ^http://friend.com/.* QS_FREND
    SetEnvIf Referrer  ^http://neighbour.com/.* QS_NEIGHBOUR
    QS_EventPerSecLimit QS_EXAMPLE 100
    QS_EventPerSecLimit  QS_EXAMPLE 1
    QS_EventPerSecLimit QS_FREND100
    QS_EventPerSecLimit  QS_FREND1
    QS_EventPerSecLimit QS_NEIGHBOUR100
    QS_EventPerSecLimit  QS_NEIGHBOUR1