Red Hat SummitQuesto contenuto non è disponibile nella lingua selezionata.
2.8. Banning IP Addresses That Overload Applications
If an application user accesses an application with excessive frequency, you can block that user by banning their IP address.
Note
The ban instituted by the following procedure applies to all gears on the node host, including the over-accessed gear.
Procedure 2.5. To Ban an IP Address:
- Run the following command to view a CNAME to the node host where the application's gear is located:
dig appname-domain.example.com
# dig appname-domain.example.comdig appname-domain.example.comCopy to Clipboard Copied! Toggle word wrap Toggle overflow - On the node host identified in the previous step, check the application's apache logs for unusual activity. For example, a high frequency of accesses (3 to 5 per second) from the same IP address in the
access_logfile may indicate abuse:tail -f /var/lib/openshift/appUUID/appname/logs/*
# tail -f /var/lib/openshift/appUUID/appname/logs/*tail -f /var/lib/openshift/appUUID/appname/logs/*tail -f /var/lib/openshift/appUUID/appname/logs/*tail -f /var/lib/openshift/appUUID/appname/logs/*tail -f /var/lib/openshift/appUUID/appname/logs/*Copy to Clipboard Copied! Toggle word wrap Toggle overflow - Ban the offending IP addresses by placing them in iptables, running the following command for each IP address:
iptables -A INPUT -s IP_address -j DROP
# iptables -A INPUT -s IP_address -j DROPiptables -A INPUT -s IP_address -j DROPiptables -A INPUT -s IP_address -j DROPCopy to Clipboard Copied! Toggle word wrap Toggle overflow - If you are using a configuration management system, configure it appropriately to ban the offending IP addresses. For non-managed configurations, save your new iptables rules:
service iptables save
# service iptables saveCopy to Clipboard Copied! Toggle word wrap Toggle overflow
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}