-3

I would like to protect my server from too many hits from Bots.

Considering a scenario, where in a server (physical) located in a private network and hitting my server continuously. Do i have a mechanism to identify the server behind the hits, say by browser ID, if any, and try to restrict access?

When ever a machine/server requests data from a website, the IP and MAC addresses gets overwritten when they pass through a router/load balancer. Ideally, Bots designers ensure their BOT is behind a load balancer, but there must be a way to locate the physical server address or its mac address, so i could have a limitation on the number of hits allowed.

Or, "Should i scale up the server and allow as many transactions as possible" is the only/ideal choice rather than trying to limit the hits? Considering the complexity of implementing such algorithm.

dtoubelis
  • 4,579
  • 1
  • 28
  • 31
kris123456
  • 101
  • 2
  • Please make sure you read this post first http://serverfault.com/questions/531941/i-am-under-ddos-what-can-i-do/531942#531942. – dtoubelis Oct 11 '15 at 00:28

2 Answers2

2

Install fail2ban, configure bot jails. Simples.

user9517
  • 114,104
  • 20
  • 206
  • 289
1

If your firewall is the reason you can't see the address, you'll need to deal with the firewall to get that info. Probably from the logs.

I've dealt with very busy public servers. There are a few things that I concern myself with (to start):

  1. Make sure your server can handle it (because this will always happen)
  2. Make sure your code can handle it (efficient/optimized/intelligent)
  3. Block IPs that offend temporarily

If that doesn't work, get more inventive.

Ryan Babchishin
  • 6,160
  • 2
  • 16
  • 36