[CentOS-mirror] DOS attack downloading DVD isos
Mogens Kjaer
mk at crc.dk
Fri Nov 20 08:26:36 UTC 2009
On 11/20/2009 12:50 AM, Bob Bownes wrote:
> Anyone else seeing high numbers of requests for the DVD isos from a few
> discrete locations? I'm getting multiple requests for dvd's from over 500
> separate locations.
I was hit by the same problem some time ago.
Redirecting http requests to ftp solved the problem:
RewriteEngine On
RewriteCond %{REQUEST_METHOD} GET
RewriteRule ^(.*\.iso)$ ftp://ftp.crc.dk/pub/mirrors/$1 [L,R=301]
This rule redirects http://ftp.crc.dk/centos into
ftp://ftp.crc.dk/pub/mirrors/centos for .iso requests.
The "download managers" or whatever don't follow the 301 redirect,
browsers and wget do.
I also limit the number of ftp connections per IP.
Mogens
--
Mogens Kjaer, Carlsberg A/S, Computer Department
Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark
Phone: +45 33 27 53 25, Mobile: +45 22 12 53 25
Email: mk at crc.dk Homepage: http://www.crc.dk
More information about the CentOS-mirror
mailing list