skip to Main Content

I need to block some uld URLs that are generating a lot of traffic in my web server (Apache). For example to block all the requests like https://example.com/xxxxxx/

I Can’t do that with IPtables so I am using mod_rewrite with a rule in my .htaccess

That is still consuming a lot of resources and I am wondering if there is a better way to block the request before reaching Apache. Or another most efficient way to do it within Apache. For example, I heard that parsing .htaccess files consumes resources so not sure if using the vhost .conf file can help or it is really the same…

Any advice on how can I block requests using the URL?

Thank you experts!

2

Answers


  1. Certainly distributed configuration files consume more load than a single, central and static configuration. But the differences are not like day and night. The issue with a distributed configuration is more the effort to keep the overview, to maintain it.

    If you can keep those requests away from the http server at all you certainly will see more difference. You could consider using a frontend server. Something like nginx or HAProxy that acts as a gate keeper and only forwards those requests you actually want to respond to. This makes little sense on a single system though, you’d need two separate cloud services or even systems for that.

    Login or Signup to reply.
  2. The best approach would be to add something like this to your httpd / vhost.conf file:

    RewriteEngine on
    
    RewriteCond %{REQUEST_URI} !^/xxxx$
    RewriteRule ^ - [F]
    

    Every call to /xxxx would result in mod_rewrite to return a 403 response.
    Make sure to place those rules into the according vhost tag.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search