<!DOCTYPE html><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/></head><body style="font-family:Geneva,Helvetica,Arial,sans-serif; font-size: 12px;"><br />
10/12/2020 10:50 - CEDIA FOSS Mirrors via CentOS-mirror wrote:
<div style="border:none; border-left:solid blue 1.5pt; padding:0cm 0cm 0cm 4.0pt" type="cite">10/07/2020 21:50 - TUNA Mirror Team wrote:
<div style="border:none; border-left:solid blue 1.5pt; padding:0cm 0cm 0cm 4.0pt" type="cite">Hi, all<br />
<br />
On our servers, the following UAs are blocked and similar repeated requests<br />
against large iso files can be rejected:<br />
<br />
map $http_user_agent $isbadbrowser {<br />
default 0;<br />
"~*Mozilla/5\.0 \(Linux; Android\)" 1;<br />
"~*Chrome/49\.0\.2623\.87" 1;<br />
"~*Firefox/3.6.3" 1;<br />
}<br />
<br />
According to our experience of operating largest mirror site in China, such<br />
User-Agent list is able to protect against most of those traffic, IP blocking is<br />
not needed and the list didn't require an update for several years.</div>
<br />
Great to know. I have just implemented it with your suggestion. I will monitor the traffic for 2-3 days and see if it works.</div>
<br />
hi<br />
just to let know that the traffic during this week has been lower than last week when we blocked CN and way lower than 2 weeks ago when we have no control implemented.<br />
<br />
So to sum it up: as suggested by TUNA team, by blocking queries based on misbehaved user-agents we were able to lower the traffic in a significant amount (25-30% lower than 2 weeks ago).<br />
<br />
regards<br />
epe<br />
<br />
<div style="border:none; border-left:solid blue 1.5pt; padding:0cm 0cm 0cm 4.0pt" type="cite"><br />
thanks<br />
epe<br />
<br />
</div></body></html>