
We have a Debian based server running Tomcat behind a load-balanced webserver. As it's for development, we have added basic authentication in Tomcat with username and password. But we are getting so many spam requests with crazy combinations that our server is overloading. Is there any way we can block that IP, or some limiting factor, after 2-3 attempts? Thank you.

I don't have any code here to show, as it's just username passwords in tomcat-users.xml

  • Maybe it's possible you can do the basic-auto in your load-balancing webserver? E.g. in apache2 you could easily do this. Additionally, things like fail2ban or similar strategies would drop every "non-conforming" IP quite fast as well (won't help vs DDoS though). Commented Apr 25, 2019 at 7:39
  • @DennisNolte: We have fail2ban and denyhosts already set up, will check out basic-auto as you suggested. Thanks. Commented Apr 25, 2019 at 7:43
  • @DennisNolte I am not able to find anything in Apache like basic-auto, do you mean authorization via htaccess? Commented Apr 25, 2019 at 7:43
  • Exactly, this is (at least I think) called basic-auth as well. See for example here: wiki.apache.org/httpd/PasswordBasicAuth. Note that you don't need a .htaccess file if you control the apache2 server configuration directly. Commented Apr 25, 2019 at 8:36
  • Why not configure firewall rules and allow only specific IP addresses to access the dev server? Commented Apr 25, 2019 at 19:37

2 Answers

Temporarily, I have managed to block certain countries which were spamming a lot with iptables. Will test it for a few weeks first, or else implement basic auth with .htaccess.

I'd recommend installing fail2ban and having it automatically block IPs for a (hour/day/week/month, take your pick) after 3 authentication failures in a row. You should be able to get fail2ban to trigger off 401 responses in Tomcat's access log.
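To make the "trigger off 401 responses in the access log" idea concrete, here is an added example (not code from the answer above or from fail2ban itself) that runs the same detection logic in plain Python over constructed Tomcat access-log lines. It assumes Tomcat's default AccessLogValve "common" pattern (`%h %l %u %t "%r" %s %b`); the IP addresses, timestamps and paths in the sample are made up, and the fail2ban-style `maxretry` / `findtime` parameters and the `INPUT`-chain iptables rule are illustrative choices, not fail2ban's exact action (which inserts into its own per-jail chain).

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Tomcat AccessLogValve pattern "common": %h %l %u %t "%r" %s %b
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) (?P<bytes>\S+)$'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

# Constructed sample log lines (hypothetical addresses from RFC 5737 ranges).
# 203.0.113.10 fails three times within a minute, 198.51.100.7 fails once and
# then logs in, 192.0.2.44 fails three times but 20 minutes apart, and the
# last line is deliberately malformed.
SAMPLE_LOG = """\
192.0.2.44 - - [25/Apr/2019:07:00:00 +0000] "GET /app/ HTTP/1.1" 401 1234
192.0.2.44 - - [25/Apr/2019:07:20:00 +0000] "GET /app/ HTTP/1.1" 401 1234
203.0.113.10 - - [25/Apr/2019:07:39:01 +0000] "GET /app/ HTTP/1.1" 401 1234
203.0.113.10 - - [25/Apr/2019:07:39:02 +0000] "GET /app/ HTTP/1.1" 401 1234
198.51.100.7 - - [25/Apr/2019:07:39:03 +0000] "GET /app/ HTTP/1.1" 401 1234
203.0.113.10 - - [25/Apr/2019:07:39:04 +0000] "GET /app/ HTTP/1.1" 401 1234
203.0.113.10 - - [25/Apr/2019:07:39:05 +0000] "GET /app/ HTTP/1.1" 401 1234
198.51.100.7 - dev [25/Apr/2019:07:39:10 +0000] "GET /app/ HTTP/1.1" 200 5120
192.0.2.44 - - [25/Apr/2019:07:40:00 +0000] "GET /app/ HTTP/1.1" 401 1234
this line is garbage and must be skipped
"""


def parse_line(line):
    """Return (ip, timestamp, status) for a well-formed line, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), TS_FMT)
    return m.group("ip"), ts, int(m.group("status"))


def find_offenders(lines, maxretry=3, findtime=600):
    """Return {ip: timestamp_of_ban} for every source that produced at least
    `maxretry` 401 responses within a sliding window of `findtime` seconds.

    This mirrors fail2ban's maxretry/findtime semantics: the failures need not
    be consecutive, and a successful request in between does not clear them.
    """
    window = timedelta(seconds=findtime)
    failures = defaultdict(deque)   # ip -> timestamps of recent 401s
    banned = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:          # skip lines the regex cannot read
            continue
        ip, ts, status = parsed
        if status != 401 or ip in banned:
            continue
        q = failures[ip]
        q.append(ts)
        while q and ts - q[0] > window:   # drop failures older than findtime
            q.popleft()
        if len(q) >= maxretry:
            banned[ip] = ts
    return banned


def ban_commands(banned, chain="INPUT"):
    """Build the iptables rules a ban action would run for each offender.
    Assumption: a plain DROP in `chain`; fail2ban's real action uses a
    dedicated f2b-<jail> chain so that unbans can be removed cleanly."""
    return [f"iptables -I {chain} -s {ip} -j DROP" for ip in sorted(banned)]


if __name__ == "__main__":
    offenders = find_offenders(SAMPLE_LOG.splitlines())
    for ip, when in offenders.items():
        print(f"ban {ip} (third 401 at {when.isoformat()})")
    for cmd in ban_commands(offenders):
        print(cmd)
```

Only 203.0.113.10 gets banned: 198.51.100.7 stops after one failure and 192.0.2.44 never has three failures inside the 10-minute window. If you want fail2ban to do this for real, the same regex (with `<HOST>` in place of the `ip` group and the `401` status made literal) is what its filter's `failregex` needs, and `maxretry = 3` with `bantime` set to the duration you pick goes in the jail.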
