How to block spamming IP coming to your environment in Tomcat?

There is a case that ton of requests are rushing into your Tomcat webapps, mostly because your service becomes rock star, the bug of your new implementation cause user's "refresh", or maybe something else.

For non-heavy requests which hits cached data most of the time would be fine for those cases, but other types of requests like new login account creation, real-time status query like server status, place order, etc are highly related to database call, and mostly will not be cached. Those calls can exhaust your Tomcat webapps JDBC connection pool too fast and make the service unrecoverable.
Implementing throttling in app would be definitely helpful in this case, but even the solution might need some time to coding. There are other ways you can filter spamming IP in OS level using iptables things or Apache mod_xxx plugin, etc, but probably the easiest and fastest way to block those spamming(well, at least to you) IP would be adding following "Valve" configuration into Tomcat's server.xml.
<Valve className="org.apache.catalina.valves.RemoteAddrValve" deny="xx.x.xx.xxx" />
This set up need to be located under <Engine> section, and at the same level with "Host". ( chanse xx.x.xx.xxx to the IP which you want to block).
You can either use "deny" or "allow" for Valve configuration, but "deny" would be what you ant to use at this moment.
For more information about Valve configuration in Tomcat, check http://tomcat.apache.org/tomcat-7.0-doc/config/valve.html

댓글 없음:

댓글 쓰기

UIUC MCS-DS 2018 가을학기 끝, 그리고 2019 봄학기 등록 과목

이 포스팅은 제 미디엄(https://medium.com/@wjung/) 에 작성된 것의 중복포스팅입니다. 2018년 가을학기의 과목이었던 CS410 Text Information System을 드디어 끝냈다. 기말고사는 거의 2주 쯤 전인 12...