Changes between Initial Version and Version 1 of Ticket #4894


Ignore:
Timestamp:
02/15/2017 07:25:01 AM (3 years ago)
Author:
matze
Comment:

Applying the resulting patch-set as a hotfix should suffice for now. Note, however, that "abuse" is not necessarily the correct label for these clients behavior - our servers should be (and are) capable of handling those spikes, and we never published conditions in any form. So when the measures described above are applied and if someone or something pops up, at least we should then be able to provide information on what values are required, and why.

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #4894

    • Property Priority changed from Unknown to P2
    • Property Ready set
  • Ticket #4894 – Description

    initial v1  
    1 === Environment === 
    2 All live production servers 
    3  
    4 === How to reproduce === 
    5 Occurs in the live environment. 
    6  
    7 === Observed behaviour === 
    8  
    91Every day at 21:00 UTC, our servers suffer an onslaught of traffic coming from some half a million clients downloading the chinese easylist concurrently. They provide no request paramaters or user-agent that would allow us to communicate with or advise the developers of this client. 
    102 
    11 === Expected behaviour === 
     3=== What to do === 
    124 
    135As these clients are practically abusing the servers by having all clients fetch concurrently, we have no good choice but to block their traffic. The heuristics for this kind of traffic is: