Page MenuHomeDevCentral

Count #wikipedia-fr excess flood botnet mitigation bans
ClosedPublic

Authored by dereckson on Jul 31 2015, 09:07.
Referenced Files
Unknown Object (File)
Mon, Nov 18, 14:01
Unknown Object (File)
Mon, Nov 18, 12:19
Unknown Object (File)
Sun, Nov 17, 06:42
Unknown Object (File)
Sun, Nov 10, 01:56
Unknown Object (File)
Thu, Nov 7, 12:32
Unknown Object (File)
Tue, Nov 5, 14:32
Unknown Object (File)
Tue, Nov 5, 12:37
Unknown Object (File)
Mon, Nov 4, 18:05
Subscribers
None

Details

Summary

We previously set a ban duration of one day, without any
insurance this value is optimal.

Alphos suggested we count banned clients by IP:

INSERT INTO excessfloodlog ( ipaddress, connectcount)
VALUES ( :ipaddress, 1 )
ON DUPLICATE KEY UPDATE connectcount = connectcount + 1;

As we strive for an immediate log but without network blocking
operation and as in the future similar protection could be
extended to other scenarii, including cloaks, we'll log hosts.

Fixes T518.


This commit introduces a database schema change:

CREATE TABLE `log_flood` (
  `host` varchar(255) NOT NULL DEFAULT '',
  `count` tinyint(3) unsigned DEFAULT NULL,
  `created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
  `updated` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (`host`)
) ENGINE=InnoDB;
Test Plan
  • Watch #wikipedia-fr to notice when some bans are triggered
  • See if it's correctly logged in the database

Diff Detail

Repository
rVIPERSERV ViperServ scripts [legacy Mercurial repo]
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

dereckson retitled this revision from to Count #wikipedia-fr excess flood botnet mitigation bans.
dereckson updated this object.
dereckson edited the test plan for this revision. (Show Details)
dereckson added a reviewer: dereckson.
dereckson edited edge metadata.

After some months of use, that works well and led to a 7 days duration.

This revision is now accepted and ready to land.Nov 9 2015, 23:27
This revision was automatically updated to reflect the committed changes.