Frequently asked questions

What does the webservers' self defense mechanism do?

This answer is mainly intended for those who make and maintain PHP or CGI based web pages.


Our webservers have a self defense mechanism against overloading. It reduces the risk of overload from certain types of attack (so-called DoS attacks) and somewhat badly programmed websites, by employing the Apache module mod_evasive.

The module works by checking the number of page requests, script startups or requests for page elements (images etc.) within a short period of time. If there are too many such requests, it will temporarily lock out the IP address exceeding the limit, which results in an error message: either "403 Forbidden" or "503 Service Unavailable".

The limits per IP address are:

Max page views/scripts started per 2 seconds: 10
Max page elements per second: 120
Lock-out period: 10 seconds

Because the webservers provide PHP through CGI/suPHP, generating or loading images dynamically in PHP slows down image loading, since a separate PHP script has to be started for every image, every time it is loaded:

<img src="showimage.php?image=2342.jpg">

It is quicker if you, as a web programmer, change the image size (create thumbnails) and serve these as static files, which makes the server workload far lower:

<img src="images/2342.jpg">

Each such generated image ("showimage.php") is counted towards the limit for page views/scripts. If you try to load a PHP web page more than 10 times within two seconds, or you have a page where you start or load even more PHP scripts at a time, you therefore risk that the web server temporarily locks out that IP address.

Some PHP programs have a setting called "search engine friendly URLs" or similar. This setting can cause images to be loaded via PHP scripts in the same way as illustrated above, and therefore increases the risk of running afoul of the self defense mechanism.
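To see whether a page would run into the limits listed above, you can replay your access log against them. The following Python script is an added example, not Domeneshop's code or mod_evasive's own algorithm. It assumes the Apache common/combined log format, treats paths ending in .php or .cgi as scripts and everything else as page elements, and counts with sliding windows; the log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Limits per IP address, as stated in this FAQ.
SCRIPT_LIMIT, SCRIPT_WINDOW = 10, 2.0     # page views/scripts per 2 seconds
ELEMENT_LIMIT, ELEMENT_WINDOW = 120, 1.0  # page elements per second

# Assumption: Apache common/combined log format.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(?:GET|POST|HEAD) (\S+)')

def is_script(path):
    # Assumption: a request starts a script if its path (without the
    # query string) ends in .php or .cgi. Rewritten "friendly" URLs
    # that map to PHP are not recognised by this heuristic.
    return path.split("?", 1)[0].lower().endswith((".php", ".cgi"))

def find_lockout_risks(lines):
    """Return {ip: set of limits exceeded}, each 'script' or 'element'."""
    windows = defaultdict(lambda: {"script": deque(), "element": deque()})
    risks = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        ip, stamp, path = m.groups()
        t = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z").timestamp()
        kind = "script" if is_script(path) else "element"
        limit, span = ((SCRIPT_LIMIT, SCRIPT_WINDOW) if kind == "script"
                       else (ELEMENT_LIMIT, ELEMENT_WINDOW))
        q = windows[ip][kind]
        q.append(t)
        while t - q[0] >= span:  # drop requests that left the window
            q.popleft()
        if len(q) > limit:
            risks[ip].add(kind)
    return dict(risks)

def sample_log():
    # Constructed sample: two clients view a 12-image gallery in one second.
    fmt = '{ip} - - [10/Oct/2017:13:55:36 +0200] "GET {path} HTTP/1.1" 200 512'
    dynamic = ["/gallery.php"] + [f"/showimage.php?image={n}.jpg" for n in range(12)]
    static = ["/gallery.php"] + [f"/images/{n}.jpg" for n in range(12)]
    return ([fmt.format(ip="192.0.2.10", path=p) for p in dynamic] +
            [fmt.format(ip="192.0.2.20", path=p) for p in static])

if __name__ == "__main__":
    for ip, kinds in find_lockout_risks(sample_log()).items():
        print(ip, "would exceed:", ", ".join(sorted(kinds)))
```

In the sample, the client that loads every thumbnail through showimage.php starts 13 scripts in one second and is flagged, while the client that gets the same gallery with static images starts only one.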

After a number of incorrect logins on a website, your IP address will be blocked for half an hour. You will then get the error "429 Too Many Requests".

© 2017 Domeneshop AS