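Varnish cache with PHP Captcha for an anti-site-scraping algorithm

Time: 2011-04-28 08:53:21

Tags: php caching captcha varnish

I have Varnish cache working with PHP Captcha, but I don't understand how I can set the trigger limit.

After a limit of so many requests per hour (or minute), the captcha input is sent.

I have it working, but want to understand how I can change the req/s limit.

The following code is from: http://drcarter.info/2010/04/how-fighting-against-scraping-using-varnish-vcl-inline-c-memcached/

What is this code saying to me?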

if (rc == MEMCACHED_SUCCESS) {
    uint64_t intval;
    rc = memcached_increment(memc, key, strlen(key), (uint64_t)1, &intval);

    if (rc != MEMCACHED_SUCCESS)
        rc = memcached_set(memc, key, strlen(key), "1", 1, (time_t)60, (uint32_t)0);
    else
        if (intval > 30) {
            VRT_SetHdr(sp, HDR_REQ, "\013X-Scraping:", "1", vrt_magic_string_end);
            syslog(LOG_INFO, "Scraping detected from %s", VRT_IP_string(sp, VRT_r_client_ip(sp)));
            if (intval < 300)
                rc = memcached_set(memc, key, strlen(key), "500", 3, (time_t)3600, (uint32_t)0);
        }
}

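Your advice would be greatly appreciated.

Thanks!

2 answers:

Answer 0: (score: 1)

Forgive me for not commenting my code :)

So here it is with comments; I think you will understand.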

if (rc == MEMCACHED_SUCCESS) {
    //if connected to memcache
    uint64_t intval;
    //trying to increment the "ip address" key (+1)
    rc = memcached_increment(memc, key, strlen(key), (uint64_t)1, &intval);

    if (rc != MEMCACHED_SUCCESS)
        //if the increment fails, then it is the first time that we see this address
        //init the value at 1 for 60 seconds
        rc = memcached_set(memc, key, strlen(key), "1", 1, (time_t)60, (uint32_t)0);
    else
        //if the increment succeeds, then verify the value; if more than 30 (30 reqs/minute)
        //blacklist the IP address (setting the value arbitrarily at 500 for 1 hour)
        if (intval > 30) {
            VRT_SetHdr(sp, HDR_REQ, "\013X-Scraping:", "1", vrt_magic_string_end);
            syslog(LOG_INFO, "Scraping detected from %s", VRT_IP_string(sp, VRT_r_client_ip(sp)));
            if (intval < 300)
                rc = memcached_set(memc, key, strlen(key), "500", 3, (time_t)3600, (uint32_t)0);
        }
}

Answer 1: (score: 0)

The code works with this flow:

try to increment the key identifying the client and return the value in intval
if it fails, set the key with an expiration of 60 seconds
else
  if the number of calls (intval) is less than 30
    it sets a header X-Scraping (which will be used later to deny access: this part is not in the part of the code you have pasted)

So if you want to change the req/s, you can play with the >30 test or change the key expiration time to something other than 60.
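To see how the two tunables interact, here is the same counter flow with the threshold and window pulled out as parameters (an added example, not part of the original question, the answers, or the linked article). It assumes a hypothetical in-memory `struct entry` standing in for the memcached key and a caller-supplied clock; as in memcached, the increment does not extend the key's expiry.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for one memcached key: counter plus absolute expiry. */
struct entry { uint64_t value; long expires; int present; };
struct limiter { uint64_t limit; long window; uint64_t ban_value; long ban_ttl; };

/* Mirrors the inline-C flow. Returns 1 when the request would get X-Scraping: 1. */
int check_request(struct entry *e, const struct limiter *cfg, long now)
{
    if (e->present && now >= e->expires)
        e->present = 0;                 /* key expired, as memcached would drop it */

    if (!e->present) {                  /* increment fails: first hit in this window */
        e->value = 1;
        e->expires = now + cfg->window;
        e->present = 1;
        return 0;
    }

    e->value++;                         /* increment keeps the original expiry */
    if (e->value <= cfg->limit)
        return 0;

    /* The snippet hard-codes 300 here against a marker of 500; comparing with
       the marker itself behaves the same as long as limit < ban_value. */
    if (e->value < cfg->ban_value) {    /* first trip only: write the ban marker */
        e->value = cfg->ban_value;
        e->expires = now + cfg->ban_ttl;
    }
    return 1;
}

/* Sends n requests one second apart starting at t0; returns how many were flagged. */
int simulate(struct entry *e, const struct limiter *cfg, long t0, int n)
{
    int flagged = 0;
    for (int i = 0; i < n; i++)
        flagged += check_request(e, cfg, t0 + i);
    return flagged;
}

int main(void)
{
    struct limiter page = { 30, 60, 500, 3600 };   /* values from the snippet */
    struct entry e = { 0 };
    printf("flagged: %d of 40\n", simulate(&e, &page, 0, 40));
    return 0;
}
```

Because the ban marker is written only on the first trip, the block ends a fixed 3600 seconds after detection even if the client keeps sending requests.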