Implementing site access rate limiting in PHP

views:

answers:

+1 Q:

Implementing site access rate limiting in PHP

Hi,

I am developing a fairly simple site on a LAMP framework + Codeigniter and want to implement a user access rate limit feature to prevent the site being flooded with requests from a single user. The basic function of the site is to take a code input and return some info.

I'm only at the planning stages and my first idea is to have a simple database table holding an IP address, last access timestamp and an access count, but as my coding skills are rooted in non web-based apps I would appreciate any thoughts on the best way to approach this task - for example, should I be considering session IDs instead of, or as well as, IP addresses?

I've not found much with some general Web searches so any pointers or guidance would be great.

Thanks.

+3 A:

If you really need to do this, you're probably better off doing it before PHP even gets involved. You might consider looking into configuring a router or load-balancer to do this, or at the very least, some kind of web-server module.

Doing this in PHP is likely to create so much overhead as to be self-defeating.

timdev 2010-09-11 22:00:23

Appreciated - all of that will depend on how the site is hosted, but as per my comment against another response, the limiting is mainly to prevent abuse of the query process to scrape the database

Linker3000 2010-09-11 22:04:27

Aha, that's a hard thing to do effectively, unless you have a very large amount of very volatile data. Crawlers will just slow down, use multiple IP addresses, and drop their session cookies, so they get a new session_id on each request.

timdev 2010-09-11 22:49:09

ansaurus

tags:

views:

answers:

Implementing site access rate limiting in PHP

related questions