I need to block some uld URLs that are generating a lot of traffic in my web server (Apache). For example to block all the requests like https://example.com/xxxxxx/
I Can’t do that with IPtables so I am using mod_rewrite with a rule in my .htaccess
That is still consuming a lot of resources and I am wondering if there is a better way to block the request before reaching Apache. Or another most efficient way to do it within Apache. For example, I heard that parsing .htaccess files consumes resources so not sure if using the vhost .conf file can help or it is really the same…
Any advice on how can I block requests using the URL?
Thank you experts!
2
Answers
Certainly distributed configuration files consume more load than a single, central and static configuration. But the differences are not like day and night. The issue with a distributed configuration is more the effort to keep the overview, to maintain it.
If you can keep those requests away from the http server at all you certainly will see more difference. You could consider using a frontend server. Something like nginx or HAProxy that acts as a gate keeper and only forwards those requests you actually want to respond to. This makes little sense on a single system though, you’d need two separate cloud services or even systems for that.
The best approach would be to add something like this to your httpd / vhost.conf file:
Every call to /xxxx would result in mod_rewrite to return a 403 response.
Make sure to place those rules into the according vhost tag.