[OSM-dev] Connection Limit

Shaun McDonald shaunmcdonald131 at gmail.com
Thu Jun 14 01:15:48 BST 2007


On 13 Jun 2007, at 21:17, Robert (Jamie) Munro wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Tom Hughes wrote:
>> I have applied a connection limit to the web server on  
>> www.openstreetmap.org
>> that limits the number of simultaneous connections from any one IP  
>> address
>> to twenty. After that requests will get a "403 Forbidden" response.
>>
>> This was primarily done because a pair of IP addresses were  
>> bombarding
>> the server with map requests to the API and the server seemed to have
>> more or less ground to a halt as the requests were coming in  
>> faster than
>> the server could handle them - there were in fact over 220  
>> connections
>> from those two addresses when I applied the limit.
>
> I'd be tempted to just block those 2 addresses completely. No sane
> system should make 110 simultaneous connections ever. That's more  
> like a
> DDOS attack than normal usage.
>
> If someone complains, we can find out what they were trying to do.

What would happen if there was a conference, mapping party or  
developer meeting that was using the site? Assuming they are using a  
NAT router, they would all have the same IP.

Shaun
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2435 bytes
Desc: not available
URL: <http://lists.openstreetmap.org/pipermail/dev/attachments/20070614/dee22618/attachment.bin>


More information about the dev mailing list