Reputation: 2835
How to stop fake web traffic from internet?
I have a website that pays users for showing advertising on shortened links. I recently have someone who is trying to boost his earnings by sending fake traffic to the site. It is not only smashing my site (ie. slowing it down) but is also skewing my Google Analytics data.
Is the only solution here really to deploy a WAF, or roll my own Rack based request inspection code? I not sure how this would work or best practices in a Heroku/Ruby on Rails environment.
Any one have experience on this or have any ideas?
Upvotes: 0
Views: 394
Answers (1)
Reputation: 18682
If the requests are being sent at a much higher rate than regular visitors do, the rack-attack gem might be very useful to you.
It allows throttling requests, so if a user visits some page at a higher frequency than allowed for a while, you can (temporarily) block any further requests.
From the gem's README:
Rack middleware for blocking & throttling abusive requests
Rack::Attack is a rack middleware to protect your web app from bad clients. It allows whitelisting, blacklisting, throttling, and tracking based on arbitrary properties of the request.
Do define the rules with a safe margin, so your application won't be blocking regular users who aren't spamming your site.
Upvotes: 1
Related Questions
- How can you block or filter IP addresses on Heroku?
- Block IPs on heroku
- Prevent spam bots from hitting Rails app
- How to prevent spam in rails?
- Block IP's In a rails app on heroku
- How to block Referral Spam using Heroku
- rails - getting lots of traffic from semalt and buttons-for-websites.com
- How to redirect spam referral traffic to avoid biased visit statistics?
- How to prevent abusive crawlers from crawling a rails app deployed on Heroku?
- Rails app on Heroku - Please recommend defensive programming techniques