Rate limiting could help when an automated process is scanning arbitrary, genera... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

amatecha 3 months ago | parent | context | favorite | on: Tell HN: Cloudflare is blocking Pale Moon and othe...

Rate limiting could help when an automated process is scanning arbitrary, generated URLs, inevitably generating a shitton of 404 errors -- something your rate limiting logic can easily check for (depending on server/proxy software of course). Normal users or even normal bots won't generate excessive 404's in a short time frame, so that's potentially a pretty simple metric by which apply a rate limit. Just an idea though, I've not done that myself...

ku1ik 3 months ago [–]

I did that and it works great.

Specifically, I use fail2ban to count the 404s and ban the IP temporarily when certain threshold is exceeded in a given time frame. Every time I check fail2ban stats it has hundreds of IPs blocked.

zepearl 3 months ago | [–]

Same here - fail2ban then adds the IP to my nftables fw

Consider applying for YC's Summer 2025 batch! Applications are open till May 13
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact