[SAC] ProjectsVM Upgrade Problem
Alex Mandel
tech_dev at wildintellect.com
Tue Feb 7 13:10:09 EST 2012
On 02/07/2012 05:49 AM, Markus Neteler wrote:
> On Tue, Feb 7, 2012 at 5:08 AM, Alex Mandel <tech_dev at wildintellect.com> wrote:
> ...
>> It's quite a popular site so we can't leave it off indefinitely
>
> Sure.
>
>> (It appears to be on again). I did manage to figure out how to run the site
>> via gunicorn instead of apache but in testing it's seems the proxy by
>> the main apache is what's causing the most slow down and possibly load
>> on the main apache. I'm not sure the load on the cpu/ram is the culprit,
>> but I do have an idea to test it.
>>
>> In the meantime I'd like to run an experiment for a week running sr.org
>> on gunicorn instead of the srorg apache to see if things behave any
>> better? Any objections, concerns or questions?
>
> Sounds good.
>
> However, I noticed a few things:
> - 2010.foss4g.org was active there but the true IP is a different one! so
> I took it off
> - likewise for community-review.foss4g.org which doesn't seem to exists
>
> More importantly: the site is continuously bombed by Chinese IPs pointing
> to ad.yieldmanager.com etc. Try the following:
>
> tail -f /var/log/apache2/docs.geotools.org-access_log
>
> So in fact the server performance is impressive, all is eaten by this junk!!
>
> Any chance to block the IPs bombing the projectsVM with requests?
> They always attack the alphabetically first server from
> /etc/apache2/sites-enabled/ .
>
> Markus
Anyone a pro at blacklist options? Something that wouldn't just block
all of Southeast asia by IP.
http://perishablepress.com/press/2009/02/03/eight-ways-to-blacklist-with-apaches-mod_rewrite/
It sounds like we can easily block by the referrer url if it's
ad.yieldmanager.com
Thanks,
Alex
More information about the Sac
mailing list