On 3/16/2015 8:41 AM, Robert Klemme wrote:
On Sun, Mar 15, 2015 at 10:07 AM, Aurélien Terrestris <aterrest...@gmail.com
wrote:
I agree with the NIO connector which gives good results to this
problem. Also, on Linux you can configure iptables firewall to limit
the number of connections from one IP (
http://unix.stackexchange.com/questions/139285/limit-max-connections-per-ip-address-and-new-connections-per-second-with-iptable
)
What I find difficult about this approach is that because of NAT the number
of individual machines (and hence connections that are reasonable) behind a
single IP can vary vastly. What value will you pick to not discriminate
large organizations?
That is a reasonable question, but the owner of a web site should have
some idea of who their clients are, and have a feel for a reasonable
number to allow. Obviously a site with a large clientele will be able
to handle a larger number of connections, whether they're legit or not.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
