Drupal Performance Tips: Prevent spam bots from posting to your Drupal site and prevent server loads due to repeated posts
https://www.zyxware.com/sites/default/files/styles/user_image/public/default_images/index.png?itok=2YmREnrP
BY Anoop John
7 years ago
Drupal-Technical
4 comments comment

One of the Drupal sites we maintain had recently started slowing down considerably in spite of the site mostly being static and in spite of boost set up on the server. On examination of the site we found that two things were happening on the site. One was that the site was being crawled indiscriminately by rogue crawlers. This we solved using the DDOS deflate script and setting DDOS deflate to run every 10 seconds. The second problem was that there were some bots which were continuously sending POST requests to /comment/cid/reply pages. For this we had to come up with a workaround.

We added the following snippet of code in the settings.php to take care of the problem. This requires that you have memcache set up on the server. If you don't have memcache you will probably have to use some alternative caching system to handle this.

if ($_SERVER["REQUEST_METHOD"] == 'POST' && !isset($_COOKIE['DRUPAL_UID'])) {
  $m = new Memcached();
  $m->addServer('localhost', 11211);
  $key = 'anon_'. $_SERVER['REMOTE_ADDR'];
  if (!$m->get($key)) {
    $m->set($key, 1, 5);
  }
  else {
    $m->set($key, 1, 5);
    echo ("We are sorry, there was an error processing your submission. Please try after some time");
    exit;
  }
}

The snippet does two things - it checks if the request is a POST request and if the user is an anonymous user, then it sets a key in memcache which will act as a auto decaying flag to indicate that the IP had sent a POST request in the last 5 seconds. If the same IP tries to send another POST request within this 5 second period the snippet returns an error and exists. The error is sent out instead of the header("HTTP/1.1 418 I'm a teapot"); response because the snippet can possibly catch regular users from a single network trying to post to the site within a 5 second span. The solution assumes that this use-case is not a significant worry for the site owner which was the case with the site we had fixed this for.


RELATED ARTICLE

/themes/custom/zyxpro_light/images/placeholder.png
close

on 01st January 2008 / by webmaster
We have added a few new modules to our site recently. Drupal Technical StumbleThis Leave a reply Your email address will not be published. Required fields are marked * Sean (not verified) access_time 02 Apr 2020 - 03:32 Hi there, I uploaded the files, enabled the modules to use SU, and now I see the link, but there is no icon... How can I fix this? Thanks, Sean webmaster access_time 02 Apr 2020 - 03:32 In reply to Icon doesn't show by Sean (not verified) What do you see when you view the source? Search for stumblethis_button and you should be able to see the code for the image and the URL. Then you should be able to troubleshoot from there. Juicy Couture Addict (not verified) access_time 02 Apr 2020 - 03:32 thanks for the post. would love to hear more of you. by the way, drupal's really popular nowadays as it has easy and fast features. you agree with me? thanks. Add new comment
/themes/custom/zyxpro_light/images/placeholder.png
close

on 16th January 2008 / by webmaster
Most webmasters do not realize this, but a lot of the content on lot of websites can be accessed from multiple URLs. A simple example would be where www.example.com and example.com leads to the same page. This is a fatal mistake in Search Engine Optimization and search engines penalize you for duplicate content. The correct configuration would be where the above two urls will lead you to the same page but example.com will redirect you to www.example.com with a 301 (Moved permanently) status which will not result in search engines penalizing the page. It is very easy to configure 301 redirects using Apache .htaccess file and the process is the same for a Drupal installation also. Drupal Technical Apache htaccess SEO Leave a reply Your email address will not be published. Required fields are marked * Anonymous (not verified) access_time 02 Apr 2020 - 03:32 Hello. I'm trying to make example.com show as www.example.com, and I'm running into difficulties. I'm on Apache 2.0 and using the following lines in my httpd.conf file: RewriteEngine on RewriteCond %{HTTP_HOST} ^xxxxxxxxxx\.com$ [NC] RewriteRule ^(.*)$ http://www.xxxxxxxxxx.com/$1 [L,R=301] When I go to http://xxxxxxxxxx.com, I get http://www.xxxxxxxxxx.com (as expected). However, when I go to http://xxxxxxxxxx.com/node/1 (it's a Drupal site), I get a 404 thrown and the URL changes to xxxxxxxxxx.com/var/www/drupal/node/1. Same thing with www.xxxxxxxxxx.com/node/1. Any suggestions? I want to run without Drupal's .htaccess file (instead incorporating these calls into my httpd.conf file). webmaster access_time 02 Apr 2020 - 03:32 In reply to Rewrite including filesystem path by Anonymous (not verified) I think the problem is with the base path which results in the redirection to /var/www/ part. The best approach I would think is to start with drupal htaccess and then strip out parts and move to httpd SNVC (not verified) access_time 02 Apr 2020 - 03:32 This is definitely a good guide. Thanks for this. wellyson access_time 02 Apr 2020 - 03:32 This is really nice and helpful. Add new comment
/themes/custom/zyxpro_light/images/placeholder.png
close

on 08th February 2008 / by webmaster
Attachment Size slashdotit.tar.gz 173.55 KB Similar to the StumbleThis module that we had created earlier we have created another bookmarking Drupal Technical Slashdotit Leave a reply Your email address will not be published. Required fields are marked * Shlomi Fish (not verified) access_time 02 Apr 2020 - 03:32 Hi! I'm interested in this module, but Drupal 6.2 complains that it's incompatible with it. Can you please update it or tell me how? Regards, Shlomi Fish shlomifish.org webmaster access_time 02 Apr 2020 - 03:32 In reply to Can you update it for Drupal-6.x? by Shlomi Fish (not verified) Sure we are working on this currently and will post an update soon. Also we will post this module on www.drupal.org as well Cheers Anoop John Team Zyxware Anonymous (not verified) access_time 02 Apr 2020 - 03:32 Hello! Nice Article very interesting, thanks Add new comment
Leave a reply
Your email address will not be published. Required fields are marked *

Filtered HTML

  • Web page addresses and email addresses turn into links automatically.
  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type='1 A I'> <li> <dl> <dt> <dd> <h2 id='jump-*'> <h3 id> <h4 id> <h5 id> <h6 id>
  • Lines and paragraphs break automatically.
The content of this field is kept private and will not be shown publicly.
CAPTCHA This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

author-image
Anonymous (not verified)
access_time 02 Apr 2020 - 11:33

Hi there, can you please tell us how you got DDoS Deflate to run every 10 seconds, appreciated.


author-image

You can write a simple bash script to do this. You can write an infinite loop with a sleep 10 and the call to the ddos deflate script to do this.


author-image
Kenny Paul (not verified)
access_time 02 Apr 2020 - 11:33

Mate, you've simply made my day through this article, as I've suffered a lot from the filthy bots. I couldn't quite control the links from the bots and this article had given me some relief with the perfect solution. I must write a review over this procedure essay writers reviews as I'm gonna try this one for my website. Thanks for the share.


author-image
essays (not verified)
access_time 02 Apr 2020 - 11:33

I stopped by to thank you for the Drupal performance tips! It' s a clearly-written and well-structured article! Keep it up, guys! I will be waiting for more educational content from your side!