Apache::Throttle is probably the most elegant solution, if you're mod_perled up - which you will be, if load is such a big deal - and as ever, merlyn has a column on the subject. there's good stuff in the mod_perl cookbook too, iirc.

update: The action taken when the throttle is triggered is up to you, so if you really want to ban someone it would be easy enough to to redirect every subsequent request from that particular IP address to a page that told them off and perhaps offered a chance to appeal the sentence. Or drop the address into hosts.deny, if you really don't like them. Address != user, though...

If you're using mod_perl, look at Apache::Traffic as well.

-- Randal L. Schwartz, Perl hacker
Be sure to read my standard disclaimer if this is a reply.

Okay, it looks like I can use Apache::Traffic to see how many bytes or pages someone has viewed/dloaded. Now I decide I want to ban them. How can I use the allow/deny directives to do that on the fly? Doesn't apache have to be restarted to use the new values?

$ apachectl graceful

cheers

tachyon

s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print

Apache doesn't need to be restarted if you put the directives in an .htaccess file. see http://httpd.apache.org/docs/

-- zigdon

A very basic system can be implemented using the allow/deny directives.

Just a tongue-tied, twisted, earth-bound misfit. -- Pink Floyd

Another somewhat left field solution is to put a squid proxy cache on port 80 with the desired acl list. Squid does acls to death. You then redirect from the squid to your server (which now lives on another port - say 81). There are some speed advantages to this approach as you serve a lot of requests from the squid cache (which is of course designed to be fast) thus unloading your httpd. There are claims of an order of magnitude ie 10x speed increase.... Full details at squid-cache.org See the httpd-accelerator mode section in the FAQ.

tachyon

s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print