How to block spamming IP coming to your environment in Tomcat?

There is a case that ton of requests are rushing into your Tomcat webapps, mostly because your service becomes rock star, the bug of your new implementation cause user's "refresh", or maybe something else.

For non-heavy requests which hits cached data most of the time would be fine for those cases, but other types of requests like new login account creation, real-time status query like server status, place order, etc are highly related to database call, and mostly will not be cached. Those calls can exhaust your Tomcat webapps JDBC connection pool too fast and make the service unrecoverable.
Implementing throttling in app would be definitely helpful in this case, but even the solution might need some time to coding. There are other ways you can filter spamming IP in OS level using iptables things or Apache mod_xxx plugin, etc, but probably the easiest and fastest way to block those spamming(well, at least to you) IP would be adding following "Valve" configuration into Tomcat's server.xml.
<Valve className="org.apache.catalina.valves.RemoteAddrValve" deny="xx.x.xx.xxx" />
This set up need to be located under <Engine> section, and at the same level with "Host". ( chanse xx.x.xx.xxx to the IP which you want to block).
You can either use "deny" or "allow" for Valve configuration, but "deny" would be what you ant to use at this moment.
For more information about Valve configuration in Tomcat, check http://tomcat.apache.org/tomcat-7.0-doc/config/valve.html

댓글 없음:

댓글 쓰기

요즘 포스팅을 모두 medium쪽으로 하고 있습니다

안녕하세요? 어쩌다보니 그냥 한번 써보기로 한 medium.com 에다가 죄다 최근 포스팅을 하고 있습니다. 현재 도메인인 potatosoft.com 은 제가 대학때인가 사회 취업한지 얼마 안됐을때부터 유지해 온 도메인이고, 블로그 시스템은 그...