|
Click to See Complete Forum and Search --> : About how many deny i.p.'s is the max? dwhswebhosting 06-08-2003, 07:15 PM Does anyone know about how many deny from i.p.'s you can add in apache without losing any stability? My list of bad sites are getting huge?? Thanks, Charles goldbug 06-13-2003, 12:48 PM Not sure... are you using your apache config as a makeshift firewall?? dwhswebhosting 06-13-2003, 02:56 PM Actually I am trying to keep it simple and just adding the i.p.'s to block in the: Order deny,allow Deny from all Option in Apache, I heard from another forum that you can put a unlimited amount of deny i.p.'s in the apache file but at the same time several people said it doesn't matter the size of apache for speed and load perform. I am almost sure the more host names and deny i.p.'s there are in Apache, that it effects it's performance. I just can't say for sure. Thanks... goldbug 06-13-2003, 03:12 PM Well, if you had like 4 million IPs listed as blocked in apache config files, It would probably degrade performance solely due to the time it takes to read/cache all of those. Now, I'm no Apache expert, and don't claim to be.... Is it possible to deny blocks of IP addresses (like a real firewall)? For example, blocking 10.0.0.0/24 instead of 10.0.0.1, 10.0.0.2, 10.0.0.3, etc... ? That way, you could just block a "troublesome" group of IP addresses all at once. Another option, but yet again, I'm hypothesizing, haven't actually looked into it: could you use some authentication module tied in with a database (mod_auth_mysql?), so the database does the grunt work of the lookup? Just an idea, I have no idea if it's possible. :) dwhswebhosting 06-13-2003, 03:43 PM Makes since to me too, Thanks dude.. I am trying to work on a apache plug in that connects to a centralized black list for all servers. Someday.. :D When you have a couple hundred servers, editing each apache file sucks... Have a good weekend. -Charles Arenium 06-22-2003, 01:30 AM you could always just write a shell script to do it...i think... Mordecai 06-22-2003, 05:50 AM Eeer... I'd say probably after a couple thousand (maybe only 1,000), it'll start to get slower and slower (at least it will become noticeable). stolzyboy 06-22-2003, 09:08 PM apache would laugh at 1000 ip's, i would get concerned when it hits the higher thousands, ie. 6, 7, etc.... you will certainly then have problems with performance PHP Builder
Copyright WebMediaBrands Inc. All Rights Reserved. |
|