Nasser Heidari

2011/01/27

Block POST Method with VARNISH for Invalid URLS

Filed under: freebsd,Linux — Nasser Heidari @ 16:38

Recently, I’ve experienced very high load on my http server because of spam bots.
After some inspection on the server using tools like varnishtop , tcpdump, apache mod_log_post , I’ve realized that Web Server receives lots of invalid POST Requests.
as I have only few forms on the Web Server that uses POST method, I decide to Block ALL POST method REQUESTS except my forms , lets say the form urls is :
/upload/mainform.php
/form1.php
/form2.php
/form3.php

I just add thease lines to my Varnish configuration:


...
...

sub vcl_recv {

...
...

        if ( req.request == "POST" ) {
                if (       req.url ~ "/upload/mainform.php"
                        || req.url ~ "/form1.php"
                        || req.url ~ "/form2.php"
                        || req.url ~ "/form3.php"
                        ) {
                        return (pass);
                } else {
                        error 403 ": Requested Method is not supported by this server.";

                }
        }
...
...
Advertisement

2 Comments »

  1. Brilliant idea :). Thanks!

    On a side note, you might want to throw out an error “405 Method Not Allowed” instead of 403.

    Comment by Pierre-Luc — 2011/03/31 @ 22:11 | Reply


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Theme: Rubric. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.