[mod_python] Protecting Web apps from too many simultaneous clicks/Hacking

SAiello at Jentoo.com SAiello at Jentoo.com
Thu May 13 18:18:49 EDT 2004


Thanks for all the good info and suggestions.

I have done a bit of browsing and checking of Apache's server settings so far. 
I would like to have the 'protection' either a part of Apache or mod_python. 
I prefer to try to use functions of the software I am already using, than 
having to add another application/software layer. Since mod_python was 
managing authentication and my sessions, I figured that was the best place to 
start.

Performance tuning/tweaking is definitely on the schedule. But I do not see 
app protection and performance tweaking as the same. I would like to make the 
app be able to protect itself, as long as it is simple and does not add too 
many CPU cycles. Besides, if the app has some basic protection written into 
it, and I use bandwidth throttling, I then have two separate layers of 
protection. 

As to splitting the site, that's another long term plan. For images I was 
thinking of using AOLServer. I have read a few articles saying that as an 
image server/cache it is very fast. Though all my images have been custom 
made by me, and are very small in size. So far the biggest is 1,126 bytes.

I am just not writing yet another webmail client. What I am writing is a 
webmail client for my email system I have put together. The design goal is to 
have many small nodes that are redundant for each other and spread the load. 
Back end systems (IMAP, filtering, SMTP, etc) are already done.  I just need 
a GUI to glue all the bits together for the user :) Sorry if I went off topic 
on what I am trying to do.

Thanks,
  Steven

On Thursday 13 May 2004 02:34 pm, you wrote:
> A google for "apache 2.0 bandwidth" turned up
> http://www.topology.org/src/bwshare/README.html as the first hit.
>
> You also want to spend some time understanding apache's server settings
> and performance tuning (there is lots of stuff on this at the apache
> site), and possibly the IMAP server's as well.  If you need tighter
> controls still, I'd look into traffic shaping tools at the firewall
> level.
>
> I think it would be overkill for webmail, but another long term option
> is splitting the site into separate servers, so images and static
> content are served from one server while the app resides on another
> server with more horsepower behind it.  This will also allow separate
> traffic controls to dynamic and static content, so image requests don't
> get queued behind application processing.
>
> Mike

