可能的/部分重复的:
什么是良好的限速算法? Throttling方法N秒调用到M请求 Best方法来实现请求限制在ASP.NET MVC? What’s a good rate limiting algorithm? Throttling method calls to M requests in N seconds Best way to implement request throttling in ASP.NET MVC?我要寻找实现移动的时间窗口限速算法的Web应用程序,以减少垃圾邮件或蛮力攻击的最佳方法。
I am looking for the best way to implement a moving time window rate limiting algorithm for a web application to reduce spam or brute force attacks.
使用的例子是从给定的IP失败的登录尝试,在最后5分钟的最大数量,在过去的N分钟(文章/票/等)的最大数量。
Examples of use would be "Maximum number of failed login attempts from a given IP in the last 5 minutes", "Maximum number of (posts/votes/etc...) in the last N minutes".
我会preFER使用移动时间窗算法,而不是统计的硬复位每隔X分钟(如Twitter API)。
I would prefer to use a moving time window algorithm, rather than a hard reset of statistics every X minutes (like twitter api).
这将是一个C#/ ASP.Net应用程序。
This would be for a C#/ASP.Net app.
推荐答案
使用一个快速的基于内存的哈希表href="http://www.danga.com/memcached/"> memcached的。钥匙将是你的限制(例如,一个IP)目标和每个储值到期应该是最大的限制时间。
Use a fast memory-based hashtable like memcached. The keys will be the target you are limiting (e.g. an IP) and the expiration of each stored value should be the maximum limitation time.
存储每个键的值将包含过去的N次尝试它们在执行所述动作,随着时间的每次尝试取得的序列化列表。
The values stored for each key will contain a serialized list of the last N attempts they made at performing the action, along with the time for each attempt.
相关推荐
最新文章