Geek asks and answers

How to get around server flooding by users opening countless tabs?

I have some kind of chat / forum application that checks for new posts using periodic polling (every 15 seconds) using jquery ajax. I was wondering if I can get around the problem of users who are trying to be “funny” by downloading multiple instances of the browser with a lot of tabs, all pointing to the same application. Each tab sends an ajax request that could potentially overwhelm the server if multiple users start doing the same.

I store sessions in a table along with the last access time and IP address, which works fine until users use the same browser. I could store a unique identifier that is sent using an ajax POST or GET request, but this will create problems if a regular (non-abusing) user refreshes his page, which creates a new identifier.

This is not a problem yet, but it is better to catch it before someone thinks about abuse of the system like this :) Any idea how to do this?

+5
source share
4 answers

One option would be to fetch data as follows:

  • script . (LocalStorage), , , . localStorage.setItem("last-request-timestamp", new Date().getTime());
  • . . localStorage: localStorage.setItem("latest-messages", ajax_result);
  • , , , localStorage.getItem("last-request-timestamp") , 15 . , 1. , 15 .
  • , , latest-messages .

, , localStorage. , . № 1 , .

LocalStorage, . : localStorage["last-request-timestamp"].

localStorage, , , JSON.

+2

. ( , ). , , 5 captcha, 30 . , .

UPD:

- cookie . cookie. :

  • .
  • , , , , .
  • .
  • , , .
  • ( microtime(true) + $delay mysql decimal(14,4)).

:

  • id $_COOKIE.
  • . , microtime(true), , , , , , microtime(true) + $delay + $penalty, . .
0

Not sure if it works in javascript. You can check if the tab is active. And only ajax on the active tab?

0
source

Why not throw something like Memcached / Redis into the problem? Get an answer from 10-15 days of life and avoid as much processing as possible.

0
source

More articles:


All Articles