IP Connection Limiting
A new Apache module has been installed that can be set to limit the number of connections a particular IP can make to a particular file at the same time. It is strongly felt this new module will greatly reduce the severity of comment spam attacks. The new module is currently being used in one particular location, the epicenter if you will of the recent attacks.
We had tried this methodology before; however that Apache module wasn’t well suited to the task and caused numerous false positives. The new module is much more simple, although it will provide a similar ‘503′ error when it intervenes. Again, this is not a server-wide implementation, and is currently in use only to protect against comment spam on a particular website.
This message is to address the problem we’ve had lately with these spam attacks, and to indicate one of the new methods we are using to address the issue.
